openssl allow connect multiple packets for SSL_connect

Ken found over the internet with real delays, SSL_connect can
fail to work.  This patch adapts his workaround to stay in the
connect state until we either run out of time for the connect
or succeed.

Signed-off-by: Andy Green <andy.green@linaro.org>
Signed-off-by: Ken Atherton <katherton@echofirst.com>

diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index f34c553..f430d48 100644 (file)
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -1800,7 +1800,7 @@ libwebsocket_service_fd(struct libwebsocket_context *context,
        case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE:
 
        #ifdef LWS_OPENSSL_SUPPORT
-               if (wsi->use_ssl) {
+               if (wsi->use_ssl && !wsi->ssl) {
 
                        wsi->ssl = SSL_new(context->ssl_client_ctx);
                        wsi->client_bio = BIO_new_socket(wsi->sock,
@@ -1810,14 +1810,20 @@ libwebsocket_service_fd(struct libwebsocket_context *context,
                        SSL_set_ex_data(wsi->ssl,
                                        openssl_websocket_private_data_index,
                                                                       context);
+               }               
 
+               if (wsi->use_ssl) {
                        if (SSL_connect(wsi->ssl) <= 0) {
+
+                               /*
+                                * retry if new data comes until we
+                                * run into the connection timeout or win
+                                */
+
                                fprintf(stderr, "SSL connect error %s\n",
                                        ERR_error_string(ERR_get_error(),
                                                                  ssl_err_buf));
-                               libwebsocket_close_and_free_session(context,
-                                              wsi, LWS_CLOSE_STATUS_NOSTATUS);
-                               return 1;
+                               return 0;
                        }
 
                        n = SSL_get_verify_result(wsi->ssl);
@@ -1831,15 +1837,10 @@ libwebsocket_service_fd(struct libwebsocket_context *context,
                                                wsi, LWS_CLOSE_STATUS_NOSTATUS);
                                return 1;
                        }
-               } else {
+               } else
                        wsi->ssl = NULL;
        #endif
 
-
-       #ifdef LWS_OPENSSL_SUPPORT
-               }
-       #endif
-
                p = libwebsockets_generate_client_handshake(context, wsi, p);
                if (p == NULL)
                        return 1;