From ad962252857aac4350139fdbb6c8e3e6b0bdad7b Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Thu, 3 May 2018 16:00:05 +0100
Subject: [PATCH] Only auto-retry for DTLS if configured to do so

Otherwise we may end up in a hang when using blocking sockets

Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/6170)
---
 ssl/record/rec_layer_d1.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index 97943d43bb..f1e35f407c 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -664,6 +664,18 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
 return -1;
 }
 SSL3_RECORD_set_length(rr, 0);
+ if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+ if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) {
+ /* no read-ahead left? */
+ BIO *bio;
+
+ s->rwstate = SSL_READING;
+ bio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return -1;
+ }
+ }
 goto start;
 }
 
-- 
2.25.1
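Review bot: The inner comment `/* no read-ahead left? */` does not explain why returning here is correct, even though that reasoning is the substance of the fix. I would replace it with `/* Record length was just zeroed and rbuf is empty: looping to start would issue a fresh read that can block indefinitely on a blocking socket, so report a retryable read to the caller instead. */`. The comment should also note that when `SSL_MODE_AUTO_RETRY` is set the code still reaches `goto start`, so the hang named in the commit message stays possible in that mode; this looks intentional but is not written down. Callers on blocking sockets without that mode can now get -1 with the read-retry flag set from this path, which may be worth a changelog or man-page line. The body of dtls1_read_bytes starts and ends outside this hunk, so the condition that leads to this branch is not visible here.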