From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Wed, 20 Jun 2018 05:52:52 +0000 (+0300)
Subject: lib-ssl-iostream: Enable partial writes and moving buffers
X-Git-Tag: 2.3.3.rc1~220
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d4e4240cbf3ae9fc7b1c85ba0ba6b885e227cc3d;p=thirdparty%2Fdovecot%2Fcore.git

lib-ssl-iostream: Enable partial writes and moving buffers

Dovecot is able to provide same content to SSL_write, and
can also take care of consuming written data from the buffer.

Fixes SSL_write failed:error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry
---

diff --git a/src/lib-ssl-iostream/iostream-openssl-context.c b/src/lib-ssl-iostream/iostream-openssl-context.c
index e3c902e18d..bf5aa25d61 100644
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -586,6 +586,12 @@ ssl_iostream_context_init_common(struct ssl_iostream_context *ctx,
 	SSL_CTX_set_options(ctx->ssl_ctx, ssl_ops);
 #ifdef SSL_MODE_RELEASE_BUFFERS
 	SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
+#ifdef SSL_MODE_ENABLE_PARTIAL_WRITE
+	SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
+#endif
+#ifdef SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
+	SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 #endif
 	if (ssl_proxy_ctx_set_crypto_params(ctx->ssl_ctx, set, error_r) < 0)
 		return -1;