git.ipfire.org Git - thirdparty/freeswitch.git/commit

author	Ethan Atkins <eatkins@meraki.com>
	Wed, 27 Apr 2016 18:34:58 +0000 (11:34 -0700)
committer	Ethan Atkins <ethan.atkins@gmail.com>
	Sat, 30 Apr 2016 17:39:47 +0000 (10:39 -0700)
commit	db0dfe94d079e8b82c5ca93092faa2fe204b0d06
tree	f2a3bcd86bb1de6420784005c7d39600eafba6d4	tree \| snapshot
parent	b61bf02c6b886d1c523f850e1c5937a00a4b4a61	commit \| diff

FS-9113 [sofia-sip] Clear out ssl error queue

Sofia will unpredictably close a tls transport during call setup. This
occurs when the epoll event loop wakes up the socket reader and SSL_read
returns an error because there is no packet on the socket. Normally
sofia will read the last error using SSL_get_error and return
SSL_ERROR_WANT_READ. Sofia gracefully handles this error and the
transport stays open. Sometimes, however, the worker thread will call
SSL_shutdown for a different transport, which can write an error to the
internal openssl error queue. If that error is not read off the queue,
the next time that SSL_get_error is called, it will read that unrelated
error.

The documentation for SSL_shutdown explains that there are three
possible results -1, 0 and 1 with, oddly, 1 indicating success. The -1
result code occurs when there is no handshake callback registered on the
connection. It can return 0 when there is still work to be done. The
documentation suggest that it is insufficient to call it just once. This
is why I added the do {} while () construct.

Although just the fix to SSL_shutdown was enough to resolve my issue, I
a also audited other calls to SSL_* functions and found a few other
cases where an error may be generated, but was not handled.

libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c		diff \| blob \| blame \| history
libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.h		diff \| blob \| blame \| history
libs/sofia-sip/libsofia-sip-ua/tport/tport_type_ws.c		diff \| blob \| blame \| history