fix openssl problem

Read and write actions on an SSL port can trigger internal write and read actions (i.e., the opposite direction). On the read side, write pumping was performed too early before returning a "wait for new input" event; SSL operations between the pumping and return could trigger the need for pumping, but it never happened because the socket was waiting for new input before taking any new actions. The problem would shows up specifically when Apache renegotiates a connection to demand certificates from a client after first determining the target of the request (i.e., when a certificate is required ony for specific locations on the server). Thenks to Sergey Pinaev, Timur Sufiev, and Neil Van Dyke.
2012-03-01 06:24:56 -07:00 · 2012-03-01 06:24:56 -07:00 · efcb607865
commit efcb607865
parent 51207a2f68
1 changed files with 2 additions and 3 deletions
--- a/collects/openssl/mzssl.rkt
+++ b/collects/openssl/mzssl.rkt
@ -499,8 +499,7 @@
       ;; read proc:
       (letrec ([do-read
 		 (lambda (buffer)
-		   (let ([out-blocked? (pump-output mzssl)]
-			 [len (or must-read-len (min (bytes-length xfer-buffer)
+		   (let ([len (or must-read-len (min (bytes-length xfer-buffer)
 						     (bytes-length buffer)))])
 		     (let ([n (SSL_read (mzssl-ssl mzssl) xfer-buffer len)])
 		       (if (n . >= . 1)
@ -528,7 +527,7 @@
                                 (set! must-read-len len))
 			       (let ([n (pump-input-once mzssl #f)])
 				 (if (eq? n 0)
-				     (begin
+				     (let ([out-blocked? (pump-output mzssl)])
                                       (when enforce-retry?
                                         (set-mzssl-must-read! mzssl (make-semaphore)))
 				       (wrap-evt (choice-evt