We were using "tune.ssl.maxrecord 2000" and discovered an interesting
problem: SSL data sent from the server to the client showed occasional
corruption of the payload data.
The root cause was:
when ssl_max_record is smaller than the requested send amount,
the ring buffer wrapping wasn't properly adjusting the
number of bytes to send.
I solved this by selecting the initial size based on the number
of output bytes that can be sent without splitting _before_ checking
against ssl_max_record.
* in which case we accept to do it once again.
*/
while (buf->o) {
- try = buf->o;
+ try = bo_contig_data(buf);
if (global.tune.ssl_max_record && try > global.tune.ssl_max_record)
try = global.tune.ssl_max_record;
- /* outgoing data may wrap at the end */
- if (buf->data + try > buf->p)
- try = buf->data + try - buf->p;
-
ret = SSL_write(conn->xprt_ctx, bo_ptr(buf), try);
if (conn->flags & CO_FL_ERROR) {
/* CO_FL_ERROR may be set by ssl_sock_infocbk */
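Review bot: the new "try = bo_contig_data(buf);" line is now the only thing keeping SSL_write() from reading past the wrap point, but the one comment that mentioned wrapping ("outgoing data may wrap at the end") is deleted with the old check, so nothing in the loop says why the order matters. Please add a short comment on that line stating that the contiguous length is taken first so that the clamp to global.tune.ssl_max_record can only shrink it. The removed code did the reverse: it clamped first and then replaced try with "buf->data + try - buf->p", which is not bounded by ssl_max_record or by the contiguous data, and that matches the corruption described in the commit message. A reg-test or a note in the message on how to reproduce with "tune.ssl.maxrecord 2000" would also help guard this path.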