From: Willy Tarreau <w@1wt.eu>
Date: Fri, 28 Sep 2012 18:22:13 +0000 (+0200)
Subject: BUG/MINOR: ssl: report the L4 connection as established when possible
X-Git-Tag: v1.5-dev13~231
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8923019a1d74c2d5f50eb0afe6c6a7531daac8c2;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: report the L4 connection as established when possible

If we get an SSL error during the handshake, we at least try to see
if a syscall reported an error or not. In case of an error, it generally
means that the connection failed. If there is no error, then the connection
established successfully.

The difference is important for health checks which report the precise cause
to the logs and to the stats.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 71ae06f923..efef1556af 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -720,6 +720,12 @@ int ssl_sock_handshake(struct connection *conn, unsigned int flag)
 			__conn_sock_poll_recv(conn);
 			return 0;
 		}
+		else if (ret == SSL_ERROR_SYSCALL) {
+			/* if errno is null, then connection was successfully established */
+			if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
+				conn->flags &= ~CO_FL_WAIT_L4_CONN;
+			goto out_error;
+		}
 		else {
 			/* Fail on all other handshake errors */
 			goto out_error;