From: Emeric Brun Date: Thu, 8 Nov 2012 16:56:20 +0000 (+0100) Subject: BUG/MEDIUM: ssl: review polling on reneg. X-Git-Tag: v1.5-dev13~42 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8af8dd1a9a2f76b765a35d248dd56f12669564d4;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: ssl: review polling on reneg. SSL may return SSL_ERROR_WANT_WRITE or SSL_ERROR_WANT_READ when switching from data to handshake even if it does not need to poll first.
---
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index f19e0a74b9..2fba79b9d0 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -978,9 +978,9 @@ static int ssl_sock_to_buf(struct connection *conn, struct buffer *buf, int coun
 else {
 ret = SSL_get_error(conn->xprt_ctx, ret);
 if (ret == SSL_ERROR_WANT_WRITE) {
- /* handshake is running, and it needs to poll for a write event */
+ /* handshake is running, and it needs to enable write */
 conn->flags |= CO_FL_SSL_WAIT_HS;
- __conn_sock_poll_send(conn);
+ __conn_sock_want_send(conn);
 break;
 }
 else if (ret == SSL_ERROR_WANT_READ) {
@@ -1061,13 +1061,9 @@ static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int fl
 break;
 }
 else if (ret == SSL_ERROR_WANT_READ) {
- /* handshake is running, and
- it needs to poll for a read event,
- write polling must be disabled cause
- we are sure we can't write anything more
- before handshake re-performed */
+ /* handshake is running, and it needs to enable read */
 conn->flags |= CO_FL_SSL_WAIT_HS;
- __conn_sock_poll_recv(conn);
+ __conn_sock_want_recv(conn);
 break;
 }
 goto out_error;
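Review bot: The new comment in the SSL_ERROR_WANT_WRITE branch, `/* handshake is running, and it needs to enable write */`, only restates the call below it, so the reason for dropping the poll-first behaviour survives only in the commit message. I would write it as `/* renegotiation: SSL can report WANT_WRITE without the socket needing a poll first, so only enable send */`. The same applies to the SSL_ERROR_WANT_READ comment in the ssl_sock_from_buf hunk. ssl_sock_to_buf starts and ends outside this hunk.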
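Review bot: The SSL_ERROR_WANT_READ branch drops the old comment's invariant that nothing more can be written until the handshake has been re-performed, so after this change only `conn->flags |= CO_FL_SSL_WAIT_HS;` expresses it. Since `__conn_sock_want_recv(conn)` no longer forces a poll, it is worth confirming that the handshake handler (not visible here) falls back to polling when the socket has nothing to read, so that a peer which keeps triggering renegotiation cannot keep the connection spinning. Keeping one line such as `/* no application data can be sent until the handshake completes */` would preserve the constraint for the next reader. ssl_sock_from_buf continues outside the hunk.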