- Fix windows to not have sticky TLS events for TCP.

- Fix read of DNS over TLS length and data in one read call.

git-svn-id: file:///svn/unbound/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index cf044e813eceb3299d9df6304ae67f1b77adabde..6c9f4b24fd31c94dd40e89bad58a6b11cd2c9b17 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+7 May 2018: Wouter
+       - Fix windows to not have sticky TLS events for TCP.
+       - Fix read of DNS over TLS length and data in one read call.
+
 3 May 2018: Wouter
        - Fix that configure --with-libhiredis also turns on cachedb.
        - Fix gcc 8 buffer warning in testcode.

diff --git a/util/netevent.c b/util/netevent.c
index f0d72e038441ebe2161cb98b9a1f67162b28c5d8..34a1bd5e131c9cc1323ec588041eeb2a0936378e 100644 (file)
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -1128,6 +1128,7 @@ ssl_handle_read(struct comm_point* c)
                        if(want == SSL_ERROR_ZERO_RETURN) {
                                return 0; /* shutdown, closed */
                        } else if(want == SSL_ERROR_WANT_READ) {
+                               ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ);
                                return 1; /* read more later */
                        } else if(want == SSL_ERROR_WANT_WRITE) {
                                c->ssl_shake_state = comm_ssl_shake_hs_write;
@@ -1143,7 +1144,7 @@ ssl_handle_read(struct comm_point* c)
                        return 0;
                }
                c->tcp_byte_count += r;
-               if(c->tcp_byte_count != sizeof(uint16_t))
+               if(c->tcp_byte_count < sizeof(uint16_t))
                        return 1;
                if(sldns_buffer_read_u16_at(c->buffer, 0) >
                        sldns_buffer_capacity(c->buffer)) {
@@ -1156,33 +1157,36 @@ ssl_handle_read(struct comm_point* c)
                        verbose(VERB_QUERY, "ssl: dropped bogus too short.");
                        return 0;
                }
+               sldns_buffer_skip(c->buffer, (ssize_t)(c->tcp_byte_count-sizeof(uint16_t)));
                verbose(VERB_ALGO, "Reading ssl tcp query of length %d",
                        (int)sldns_buffer_limit(c->buffer));
        }
-       log_assert(sldns_buffer_remaining(c->buffer) > 0);
-       ERR_clear_error();
-       r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer),
-               (int)sldns_buffer_remaining(c->buffer));
-       if(r <= 0) {
-               int want = SSL_get_error(c->ssl, r);
-               if(want == SSL_ERROR_ZERO_RETURN) {
-                       return 0; /* shutdown, closed */
-               } else if(want == SSL_ERROR_WANT_READ) {
-                       return 1; /* read more later */
-               } else if(want == SSL_ERROR_WANT_WRITE) {
-                       c->ssl_shake_state = comm_ssl_shake_hs_write;
-                       comm_point_listen_for_rw(c, 0, 1);
-                       return 1;
-               } else if(want == SSL_ERROR_SYSCALL) {
-                       if(errno != 0)
-                               log_err("SSL_read syscall: %s",
-                                       strerror(errno));
+       if(sldns_buffer_remaining(c->buffer) > 0) {
+               ERR_clear_error();
+               r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer),
+                       (int)sldns_buffer_remaining(c->buffer));
+               if(r <= 0) {
+                       int want = SSL_get_error(c->ssl, r);
+                       if(want == SSL_ERROR_ZERO_RETURN) {
+                               return 0; /* shutdown, closed */
+                       } else if(want == SSL_ERROR_WANT_READ) {
+                               ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ);
+                               return 1; /* read more later */
+                       } else if(want == SSL_ERROR_WANT_WRITE) {
+                               c->ssl_shake_state = comm_ssl_shake_hs_write;
+                               comm_point_listen_for_rw(c, 0, 1);
+                               return 1;
+                       } else if(want == SSL_ERROR_SYSCALL) {
+                               if(errno != 0)
+                                       log_err("SSL_read syscall: %s",
+                                               strerror(errno));
+                               return 0;
+                       }
+                       log_crypto_err("could not SSL_read");
                        return 0;
                }
-               log_crypto_err("could not SSL_read");
-               return 0;
+               sldns_buffer_skip(c->buffer, (ssize_t)r);
        }
-       sldns_buffer_skip(c->buffer, (ssize_t)r);
        if(sldns_buffer_remaining(c->buffer) <= 0) {
                tcp_callback_reader(c);
        }
@@ -1237,6 +1241,7 @@ ssl_handle_write(struct comm_point* c)
                                comm_point_listen_for_rw(c, 1, 0);
                                return 1; /* wait for read condition */
                        } else if(want == SSL_ERROR_WANT_WRITE) {
+                               ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE);
                                return 1; /* write more later */
                        } else if(want == SSL_ERROR_SYSCALL) {
                                if(errno != 0)
@@ -1270,6 +1275,7 @@ ssl_handle_write(struct comm_point* c)
                        comm_point_listen_for_rw(c, 1, 0);
                        return 1; /* wait for read condition */
                } else if(want == SSL_ERROR_WANT_WRITE) {
+                       ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE);
                        return 1; /* write more later */
                } else if(want == SSL_ERROR_SYSCALL) {
                        if(errno != 0)