suzanne.soy/racket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix openssl problem

Browse Source 
Read and write actions on an SSL port can trigger internal write
and read actions (i.e., the opposite direction). On the read side,
write pumping was performed too early before returning a "wait
for new input" event; SSL operations between the pumping and
return could trigger the need for pumping, but it never happened
because the socket was waiting for new input before taking any
new actions.

The problem would shows up specifically when Apache renegotiates
a connection to demand certificates from a client after first
determining the target of the request (i.e., when a certificate
is required ony for specific locations on the server).

Thenks to Sergey Pinaev, Timur Sufiev, and Neil Van Dyke.
This commit is contained in:
Matthew Flatt 2012-03-01 06:24:56 -07:00
parent 51207a2f68
commit efcb607865
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
collects/openssl/mzssl.rkt
View File

@ -499,8 +499,7 @@
;; read proc: ;; read proc:
(letrec ([do-read (letrec ([do-read
(lambda (buffer) (lambda (buffer)
(let ([out-blocked? (pump-output mzssl)] (let ([len (or must-read-len (min (bytes-length xfer-buffer)
[len (or must-read-len (min (bytes-length xfer-buffer)
(bytes-length buffer)))]) (bytes-length buffer)))])
(let ([n (SSL_read (mzssl-ssl mzssl) xfer-buffer len)]) (let ([n (SSL_read (mzssl-ssl mzssl) xfer-buffer len)])
(if (n . >= . 1) (if (n . >= . 1)
@ -528,7 +527,7 @@
(set! must-read-len len)) (set! must-read-len len))
(let ([n (pump-input-once mzssl #f)]) (let ([n (pump-input-once mzssl #f)])
(if (eq? n 0) (if (eq? n 0)
(begin (let ([out-blocked? (pump-output mzssl)])
(when enforce-retry? (when enforce-retry?
(set-mzssl-must-read! mzssl (make-semaphore))) (set-mzssl-must-read! mzssl (make-semaphore)))
(wrap-evt (choice-evt (wrap-evt (choice-evt