From: Matt Caswell <matt@openssl.org>
Date: Thu, 3 May 2018 15:00:05 +0000 (+0100)
Subject: Only auto-retry for DTLS if configured to do so
X-Git-Tag: OpenSSL_1_1_0i~122
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=eb49905e605241dd1369d54df264976f8ea7f823;p=oweals%2Fopenssl.git

Only auto-retry for DTLS if configured to do so

Otherwise we may end up in a hang when using blocking sockets

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6196)
---

diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index c753a54a22..083dac4339 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -849,6 +849,18 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
 
             dtls1_retransmit_buffered_messages(s);
             SSL3_RECORD_set_length(rr, 0);
+            if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+                if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) {
+                    /* no read-ahead left? */
+                    BIO *bio;
+
+                    s->rwstate = SSL_READING;
+                    bio = SSL_get_rbio(s);
+                    BIO_clear_retry_flags(bio);
+                    BIO_set_retry_read(bio);
+                    return -1;
+                }
+            }
             goto start;
         }