[Net-ssleay-devel] Patch for SSL error checking in ssl_write_all

Elijah Menifee eli at dvns.com
Thu Jul 23 23:56:48 UTC 2009


I have already posted this bug and a patch on rt.cpan.org as ticket
#48132; however, according to the README it should probably be sent to
this mailing list:

Outstanding bug (see 44170 requested by marm) where a socket disconnect
that occurs during an ssl_write_all loops forever attempting to retry.

However, marm's patch breaks the contract of attempting again on -1 under
certain conditions. After in-depth study of the SSL_write and
SSL_get_error man pages, under certain conditions we should continue to
loop and call the same IO function again. It appears that this patch
would break this by always reporting the errno if the ERR_get_errors did
not have return values.

The correct way is to check for SSL_get_errors via get_errors, and
ignore certain errors that occur during session renegotiation that are
non-fatal to attempting to write the data again.

I believe my attached patch should be applied instead, and marm's
backed out.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: netssley-ssl_write_all-error_checking.patch
Type: text/x-diff
Size: 5335 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/net-ssleay-devel/attachments/20090723/53922cbd/attachment.patch>
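
The retry rule discussed in the message above, as an added example that is not the scrubbed patch and not Net::SSLeay's own code: a write loop that repeats the call only on the SSL_get_error codes that mean "call again" and stops on everything else, so a disconnected peer cannot keep it looping. The helper name `write_all_checked`, the injected callbacks, the retry cap and the scripted results are assumptions made so the loop runs without a live connection; only the `ERROR_*` constants come from Net::SSLeay.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSLeay;   # used here only for the ERROR_* constants

# Hypothetical helper (not Net::SSLeay's ssl_write_all): write all of $data,
# retrying only on the SSL_get_error codes that mean "call again".
# $write->($chunk) and $get_error->($ret) are injected so the loop can be
# exercised offline; in real code they would wrap Net::SSLeay::write($ssl, ...)
# and Net::SSLeay::get_error($ssl, $ret).
sub write_all_checked {
    my ($data, $write, $get_error, $max_retries) = @_;
    my ($off, $retries) = (0, 0);
    while ($off < length $data) {
        my $ret = $write->(substr($data, $off));
        if (defined $ret && $ret > 0) {      # progress: reset the retry budget
            $off += $ret;
            $retries = 0;
            next;
        }
        my $err = $get_error->(defined $ret ? $ret : -1);
        if ($err == Net::SSLeay::ERROR_WANT_READ()
         || $err == Net::SSLeay::ERROR_WANT_WRITE()) {
            # Non-fatal (e.g. renegotiation in progress): repeat the same call.
            # Real code would wait for socket readiness here. The cap is an
            # added assumption so a stalled peer cannot spin the loop forever.
            return ($off, "retry limit reached") if ++$retries > $max_retries;
            next;
        }
        # ERROR_ZERO_RETURN, ERROR_SYSCALL, ERROR_SSL, ...: stop and report.
        return ($off, "fatal SSL error code $err");
    }
    return ($off, undef);
}

# Constructed scenario: 4 bytes accepted, one WANT_READ, 3 more bytes, then
# the peer disconnects and the next write fails with ERROR_SYSCALL.
my @script = ([4, 0], [-1, Net::SSLeay::ERROR_WANT_READ()], [3, 0],
              [-1, Net::SSLeay::ERROR_SYSCALL()]);
my $last;
my ($written, $error) = write_all_checked(
    "0123456789",
    sub { $last = shift @script; $last->[0] },   # scripted write result
    sub { $last->[1] },                          # scripted SSL_get_error code
    5,
);
print "wrote $written bytes; ", defined $error ? "error: $error" : "ok", "\n";
```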