Ticket #285: fix-ssl-again.patch

File fix-ssl-again.patch, 1.8 kB (added by stbuehler, 3 months ago)
against lighty-1.4 svn; hopefully fixed the error handling for ssl-shutdown in a clean way

a/src/connections.c

old	new
1669	1669	}
1670	1670	#ifdef USE_OPENSSL
1671	1671	if (srv_sock->is_ssl) {
1672		int ret;
	1672	int ret, ssl_r;
	1673	unsigned long err;
1673	1674	ERR_clear_error();
1674	1675	switch ((ret = SSL_shutdown(con->ssl))) {
1675	1676	case 1:
1676	1677	/* ok */
1677	1678	break;
1678	1679	case 0:
1679		ERR_clear_error();
1680		if ((ret = SSL_shutdown(con->ssl)) == 1) break;
	1680	if (-1 != (ret = SSL_shutdown(con->ssl))) break;
1681	1681
1682	1682	// fall through
1683	1683	default:
1684		log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
1685		SSL_get_error(con->ssl, ret),
1686		ERR_error_string(ERR_get_error(), NULL));
1687		return -1;
	1684
	1685	switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
	1686	case SSL_ERROR_WANT_WRITE:
	1687	case SSL_ERROR_WANT_READ:
	1688	break;
	1689	case SSL_ERROR_SYSCALL:
	1690	/* perhaps we have error waiting in our error-queue */
	1691	if (0 != (err = ERR_get_error())) {
	1692	do {
	1693	log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
	1694	ssl_r, ret,
	1695	ERR_error_string(err, NULL));
	1696	} while((err = ERR_get_error()));
	1697	} else {
	1698	log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
	1699	ssl_r, r, errno,
	1700	strerror(errno));
	1701	}
	1702
	1703	break;
	1704	default:
	1705	while((err = ERR_get_error())) {
	1706	log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
	1707	ssl_r, ret,
	1708	ERR_error_string(err, NULL));
	1709	}
	1710
	1711	break;
	1712	}
1688	1713	}
1689	1714	}
	1715	ERR_clear_error();
1690	1716	#endif
1691	1717
1692	1718	switch(con->mode) {