You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bc...@apache.org on 2014/05/16 23:43:58 UTC

git commit: TS-2815: SSL orgin server connection hangs if ssl handshake is slow

Repository: trafficserver
Updated Branches:
  refs/heads/master d8ca84854 -> f3a3edb04


TS-2815: SSL orgin server connection hangs if ssl handshake is slow


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f3a3edb0
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f3a3edb0
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f3a3edb0

Branch: refs/heads/master
Commit: f3a3edb048fc5f96163d1c4a26c1523383786f5d
Parents: d8ca848
Author: Bryan Call <bc...@apache.org>
Authored: Fri May 16 14:43:11 2014 -0700
Committer: Bryan Call <bc...@apache.org>
Committed: Fri May 16 14:43:11 2014 -0700

----------------------------------------------------------------------
 iocore/net/SSLNetVConnection.cc  | 11 ++++++-----
 iocore/net/UnixNetVConnection.cc |  4 +---
 2 files changed, 7 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f3a3edb0/iocore/net/SSLNetVConnection.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 02f3f4a..da6830c 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -549,12 +549,9 @@ SSLNetVConnection::sslStartHandShake(int event, int &err)
 int
 SSLNetVConnection::sslServerHandShakeEvent(int &err)
 {
-  int ret;
-  int ssl_error;
-
-  ret = SSL_accept(ssl);
+  int ret = SSL_accept(ssl);
+  int ssl_error = SSL_get_error(ssl, ret);
 
-  ssl_error = SSL_get_error(ssl, ret);
   if (ssl_error != SSL_ERROR_NONE) {
     err = errno;
     SSLDebugVC(this,"SSL handshake error: %s (%d), errno=%d", SSLErrorName(ssl_error), ssl_error, err);
@@ -647,6 +644,10 @@ SSLNetVConnection::sslClientHandShakeEvent(int &err)
       X509 * cert = SSL_get_peer_certificate(ssl);
 
       Debug("ssl", "SSL client handshake completed successfully");
+      // if the handshake is complete and write is enabled reschedule the write
+      Debug("ssl", "write.enabled: %d", write.enabled);
+      if (write.enabled)
+        writeReschedule(nh);
       if (cert) {
         debug_certificate_name("server certificate subject CN is", X509_get_subject_name(cert));
         debug_certificate_name("server certificate issuer CN is", X509_get_issuer_name(cert));

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f3a3edb0/iocore/net/UnixNetVConnection.cc
----------------------------------------------------------------------
diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc
index 8a919c5..105a6c5 100644
--- a/iocore/net/UnixNetVConnection.cc
+++ b/iocore/net/UnixNetVConnection.cc
@@ -466,9 +466,7 @@ write_to_net_io(NetHandler *nh, UnixNetVConnection *vc, EThread *thread)
       nh->read_ready_list.remove(vc);
       vc->write.triggered = 0;
       nh->write_ready_list.remove(vc);
-      if (ret == SSL_HANDSHAKE_WANT_READ || ret == SSL_HANDSHAKE_WANT_ACCEPT)
-        read_reschedule(nh, vc);
-      else
+      if (!(ret == SSL_HANDSHAKE_WANT_READ || ret == SSL_HANDSHAKE_WANT_ACCEPT))
         write_reschedule(nh, vc);
     } else if (ret == EVENT_DONE) {
       vc->write.triggered = 1;