]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 09e0d74)
BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data.
authorOlivier Houchard <cognet@ci0.org>
Sat, 15 Jun 2019 18:59:30 +0000 (20:59 +0200)
committerOlivier Houchard <cognet@ci0.org>
Sat, 15 Jun 2019 19:00:39 +0000 (21:00 +0200)
When we're done sending/receiving early data, and we add the handshake
flags on the connection, make sure we wake the associated tasklet up, so that
the handshake will be initiated.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 8c3600a13f5d820a1df275b44dc1689b327e8d07..1d0e4dbb1d4baeddc73019c1d1e39bbd172fb8b6 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5761,6 +5761,8 @@ static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct bu
                                        conn->flags &= ~CO_FL_EARLY_SSL_HS;
                                        conn->flags |= CO_FL_SSL_WAIT_HS;
                                        need_out = 1;
+                                       /* Now initiate the handshake */
+                                       tasklet_wakeup(ctx->wait_event.tasklet);
                                        if (read_length == 0)
                                                break;
                                }
@@ -5920,6 +5922,7 @@ static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const s
                                try -= (try + ctx->sent_early_data) - max_early;
                                if (try <= 0) {
                                        conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
+                                       tasklet_wakeup(ctx->wait_event.tasklet);
                                        break;
                                }
                        }
@@ -5927,8 +5930,11 @@ static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const s
                        if (ret == 1) {
                                ret = written_data;
                                ctx->sent_early_data += ret;
-                               if (objt_server(conn->target))
+                               if (objt_server(conn->target)) {
                                        conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN | CO_FL_EARLY_DATA;
+                                       /* Initiate the handshake, now */
+                                       tasklet_wakeup(ctx->wait_event.tasklet);
+                               }
 
                        }
 
Mirror of https://github.com/haproxy/haproxy.git