From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Fri, 19 Feb 2021 13:42:02 +0000 (+0100)
Subject: - Fix #429: rpz: url: with https: broken (regression in 1.13.1).
X-Git-Tag: release-1.13.2rc1~267
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc4bdbabeab1388e41ce64714203b4fd3fab18be;p=thirdparty%2Funbound.git

- Fix #429: rpz: url: with https: broken (regression in 1.13.1).
---

diff --git a/doc/Changelog b/doc/Changelog
index e04e0dbd5..0c81a22a8 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -6,6 +6,7 @@
 	  With zonemd-reject-absence for an auth-zone the presence of a
 	  zonemd can be mandated for specific zones.
 	- Fix doxygen and pydoc warnings.
+	- Fix #429: rpz: url: with https: broken (regression in 1.13.1).
 
 15 February 2021: Wouter
 	- Fix #422: IPv6 fallback issues when IPv6 is not properly
diff --git a/util/netevent.c b/util/netevent.c
index 893c1ddbf..5a71a82e4 100644
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -2197,6 +2197,8 @@ ssl_http_read_more(struct comm_point* c)
 		log_crypto_err("could not SSL_read");
 		return 0;
 	}
+	verbose(VERB_ALGO, "ssl http read more skip to %d + %d",
+		(int)sldns_buffer_position(c->buffer), (int)r);
 	sldns_buffer_skip(c->buffer, (ssize_t)r);
 	return 1;
 #else
@@ -2233,6 +2235,8 @@ http_read_more(int fd, struct comm_point* c)
 			&c->repinfo.addr, c->repinfo.addrlen);
 		return 0;
 	}
+	verbose(VERB_ALGO, "http read more skip to %d + %d",
+		(int)sldns_buffer_position(c->buffer), (int)r);
 	sldns_buffer_skip(c->buffer, r);
 	return 1;
 }
@@ -2393,8 +2397,8 @@ http_nonchunk_segment(struct comm_point* c)
 	 * read more data collected into the buffer */
 	remainbufferlen = sldns_buffer_capacity(c->buffer) -
 		sldns_buffer_limit(c->buffer);
-	if(remainbufferlen >= c->tcp_byte_count ||
-		remainbufferlen >= 2048) {
+	if(remainbufferlen+got_now >= c->tcp_byte_count ||
+		remainbufferlen >= (c->ssl?16384:2048)) {
 		size_t total = sldns_buffer_limit(c->buffer);
 		sldns_buffer_clear(c->buffer);
 		sldns_buffer_set_position(c->buffer, total);
@@ -2762,6 +2766,11 @@ comm_point_http_handle_read(int fd, struct comm_point* c)
 			return 0;
 	}
 
+	if(c->http_stored >= sldns_buffer_position(c->buffer)) {
+		/* read did not work but we wanted more data, there is
+		 * no bytes to process now. */
+		return 1;
+	}
 	sldns_buffer_flip(c->buffer);
 	/* if we are partway in a segment of data, position us at the point
 	 * where we left off previously */