maria-developers team mailing list archive
-
maria-developers team
-
Mailing list archive
-
Message #09490
Re: 56ef213: MDEV-9836 Connection lost when using SSL
Hi, Vlad!
On Mar 30, wlad@xxxxxxxxxxx wrote:
> revision-id: 56ef213b8be7c91331168df002c4f69d54a26081 (mariadb-5.5.48-15-g56ef213)
> parent(s): 11b77e9b18a8d97063b4c4a96e40bf9c75bd0e8b
> author: Vladislav Vaintroub
> committer: Vladislav Vaintroub
> timestamp: 2016-03-30 23:09:57 +0200
> message:
>
> MDEV-9836 Connection lost when using SSL
>
> Don't read from socket in yassl in SSL_pending().
> Just return size of the buffered unprocessed data.
As far as I understand, you make it to return the size of buffered
*processed* data.
Which is correct, according to OpenSSL documentation:
SSL_pending() returns the number of bytes which have been processed,
buffered and are available inside ssl for immediate read.
If you agree with my understanding, please fix the commit comment to say
"processed" and add a reference to the manual (a quote as above or "as
specified in the OpenSSL manual" or whatever you prefer).
Then ok push.
> diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp
> index 9516e8b..2346533 100644
> --- a/extra/yassl/src/ssl.cpp
> +++ b/extra/yassl/src/ssl.cpp
> @@ -1471,10 +1471,6 @@ int SSL_peek(SSL* ssl, void* buffer, int sz)
>
> int SSL_pending(SSL* ssl)
> {
> - // Just in case there's pending data that hasn't been processed yet...
> - char c;
> - SSL_peek(ssl, &c, 1);
> -
> return ssl->bufferedData();
> }
>
Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx