From: Ken Atherton Date: Thu, 3 May 2012 03:45:04 +0000 (+0800) Subject: openssl allow connect multiple packets for SSL_connect X-Git-Tag: 1.2~13 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8360a47011f6a3eb89c6ef9b593eb4bca935336b;p=profile%2Fivi%2Flibwebsockets.git openssl allow connect multiple packets for SSL_connect Ken found over the internet with real delays, SSL_connect can fail to work. This patch adapts his workaround to stay in the connect state until we either run out of time for the connect or succeed. Signed-off-by: Andy Green Signed-off-by: Ken Atherton --- diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c index f34c553..f430d48 100644 --- a/lib/libwebsockets.c +++ b/lib/libwebsockets.c @@ -1800,7 +1800,7 @@ libwebsocket_service_fd(struct libwebsocket_context *context, case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE: #ifdef LWS_OPENSSL_SUPPORT - if (wsi->use_ssl) { + if (wsi->use_ssl && !wsi->ssl) { wsi->ssl = SSL_new(context->ssl_client_ctx); wsi->client_bio = BIO_new_socket(wsi->sock, @@ -1810,14 +1810,20 @@ libwebsocket_service_fd(struct libwebsocket_context *context, SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index, context); + } + if (wsi->use_ssl) { if (SSL_connect(wsi->ssl) <= 0) { + + /* + * retry if new data comes until we + * run into the connection timeout or win + */ + fprintf(stderr, "SSL connect error %s\n", ERR_error_string(ERR_get_error(), ssl_err_buf)); - libwebsocket_close_and_free_session(context, - wsi, LWS_CLOSE_STATUS_NOSTATUS); - return 1; + return 0; } n = SSL_get_verify_result(wsi->ssl); @@ -1831,15 +1837,10 @@ libwebsocket_service_fd(struct libwebsocket_context *context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return 1; } - } else { + } else wsi->ssl = NULL; #endif - - #ifdef LWS_OPENSSL_SUPPORT - } - #endif - p = libwebsockets_generate_client_handshake(context, wsi, p); if (p == NULL) return 1;