Hi,
While looking into SSL code in secure_read() of be-secure.c and
pqsecure_read() of fe-secure.c, I noticed subtle difference between
them.
In secure_read:
---------------------------------------------------------- case SSL_ERROR_WANT_READ: case
SSL_ERROR_WANT_WRITE: if (port->noblock) { errno = EWOULDBLOCK; n =
-1; break; }
#ifdef WIN32 pgwin32_waitforsinglesocket(SSL_get_fd(port->ssl), (err
==SSL_ERROR_WANT_READ) ? FD_READ | FD_CLOSE : FD_WRITE | FD_CLOSE,
INFINITE);
#endif goto rloop;
----------------------------------------------------------
while in pqsecure_read:
---------------------------------------------------------- case SSL_ERROR_WANT_READ: n = 0;
break; case SSL_ERROR_WANT_WRITE:
/* * Returning 0 here would cause caller to wait for read-ready, * which is not
correctsince what SSL wants is wait for * write-ready. The former could get us stuck in an infinite
* wait, so don't risk it; busy-loop instead. */ goto rloop;
----------------------------------------------------------
Those code fragment judges the return value from
SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not retry
when SSL_ERROR_WANT_READ. It seems they are not consistent. Comments?
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
