author | Andrei Rykov <arykov@ydb.tech> | 2024-01-17 05:18:42 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-17 05:18:42 +0100 |
commit | a40932cfa3ff28922718878d3d76302a070473ca (patch) | |
tree | e9cb7f2bb049f300992ca11400df4b9d1b6c6fdb | |
parent | 9a1868542085a40049b909a514f659c60c2b7b06 (diff) | |
download | ydb-a40932cfa3ff28922718878d3d76302a070473ca.tar.gz |
YDB-966 tls incomplete transfer (#1024)
* YDB-966 tls incomplete transfer
* make SSL_get_error after each SSL_* operation
* added ProcessSslError method
* made ProcessSslResult method
-rw-r--r-- | ydb/library/actors/http/http_proxy_sock_impl.h | 84 |
1 files changed, 24 insertions, 60 deletions
diff --git a/ydb/library/actors/http/http_proxy_sock_impl.h b/ydb/library/actors/http/http_proxy_sock_impl.h
index 788c99d9b2..c08246f8fe 100644
--- a/ydb/library/actors/http/http_proxy_sock_impl.h
+++ b/ydb/library/actors/http/http_proxy_sock_impl.h
@@ -192,82 +192,46 @@ struct TSecureSocketImpl : TPlainSocketImpl, TSslHelpers {
 void Flush() {}
- ssize_t Send(const void* data, size_t size, bool& read, bool& write) {
- ssize_t res = SSL_write(Ssl.Get(), data, size);
- if (res < 0) {
- res = SSL_get_error(Ssl.Get(), res);
- switch(res) {
- case SSL_ERROR_WANT_READ:
- read = true;
- return -EAGAIN;
- case SSL_ERROR_WANT_WRITE:
- write = true;
- return -EAGAIN;
- default:
- return -EIO;
- }
+ int ProcessSslResult(const int res, bool& read, bool& write) {
+ int err = SSL_get_error(Ssl.Get(), res); // SSL_get_error() must be used after each SSL_* operation
+ switch(err) {
+ case SSL_ERROR_NONE:
+ return res;
+ case SSL_ERROR_WANT_READ:
+ read = true;
+ return -EAGAIN;
+ case SSL_ERROR_WANT_WRITE:
+ write = true;
+ return -EAGAIN;
+ default:
+ return -EIO;
 }
- return res;
+ }
+
+ ssize_t Send(const void* data, size_t size, bool& read, bool& write) {
+ ERR_clear_error();
+ return ProcessSslResult(SSL_write(Ssl.Get(), data, size), read, write);
 }
 ssize_t Recv(void* data, size_t size, bool& read, bool& write) {
- ssize_t res = SSL_read(Ssl.Get(), data, size);
- if (res < 0) {
- res = SSL_get_error(Ssl.Get(), res);
- switch(res) {
- case SSL_ERROR_WANT_READ:
- read = true;
- return -EAGAIN;
- case SSL_ERROR_WANT_WRITE:
- write = true;
- return -EAGAIN;
- default:
- return -EIO;
- }
- }
- return res;
+ ERR_clear_error();
+ return ProcessSslResult(SSL_read(Ssl.Get(), data, size), read, write);
 }
 int OnConnect(bool& read, bool& write) {
 if (!Ssl) {
 InitClientSsl();
 }
- int res = SSL_connect(Ssl.Get());
- if (res <= 0) {
- res = SSL_get_error(Ssl.Get(), res);
- switch(res) {
- case SSL_ERROR_WANT_READ:
- read = true;
- return -EAGAIN;
- case SSL_ERROR_WANT_WRITE:
- write = true;
- return -EAGAIN;
- default:
- return -EIO;
- }
- }
- return res;
+ ERR_clear_error();
+ return ProcessSslResult(SSL_connect(Ssl.Get()), read, write);
 }
 int OnAccept(std::shared_ptr<TPrivateEndpointInfo> endpoint, bool& read, bool& write) {
 if (!Ssl) {
 InitServerSsl(endpoint->SecureContext.Get());
 }
- int res = SSL_accept(Ssl.Get());
- if (res <= 0) {
- res = SSL_get_error(Ssl.Get(), res);
- switch(res) {
- case SSL_ERROR_WANT_READ:
- read = true;
- return -EAGAIN;
- case SSL_ERROR_WANT_WRITE:
- write = true;
- return -EAGAIN;
- default:
- return -EIO;
- }
- }
- return res;
+ ERR_clear_error();
+ return ProcessSslResult(SSL_accept(Ssl.Get()), read, write);
 }
 }; |
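Review bot: In the `switch(err)` of `ProcessSslResult`, `SSL_ERROR_ZERO_RETURN` falls into `default`, so a peer that closes the TLS session cleanly with close_notify now makes `Recv` return `-EIO`, the same value reported for a truncated or failed transfer. The removed `Recv` only entered the error path for `res < 0` and returned 0 in that case, so callers (outside this hunk) that treat 0 as end of stream can no longer tell an orderly shutdown from an incomplete one. If that distinction matters to them, handle it in `Recv` alone, for example by adding `case SSL_ERROR_ZERO_RETURN: return 0;` on a path that `OnConnect` and `OnAccept` do not share, since a 0 from the handshake calls should stay a failure. A short comment on `ProcessSslResult` stating which return values mean retry, EOF and hard error would also help, because four call sites now depend on that one mapping.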