[OpenSIPS-Devel] [OpenSIPS/opensips] 58977a: tls_openssl: fix openssl_tls_async_connect
Liviu Chircu
noreply at github.com
Thu Apr 17 18:20:10 UTC 2025
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 58977a99484120d32e1bf7968a54c140e6465e78
https://github.com/OpenSIPS/opensips/commit/58977a99484120d32e1bf7968a54c140e6465e78
Author: Your Name <your-email at example.com>
Date: 2024-07-22 (Mon, 22 Jul 2024)
Changed paths:
M modules/tls_openssl/openssl_conn_ops.c
Log Message:
-----------
tls_openssl: fix openssl_tls_async_connect
The `fd` value here is used with `poll()`/`select()` in the event that `SSL_connect()`
gives an `SSL_ERROR_WANT_WRITE` error. So we need to be polling/selecting on the fd that
is used by the underlying socket, which is the fd passed as an argument to the function,
rather than `con->fd`.
It seems to me that `handle_io()` updates `con->fd` to match the received fd number only
when the socket wants reading and not when it wants writing. When the socket wants writing
the correct fd to use is the one that is passed in the function argument, not the one
that is in `con->fd`.
The reasons this mostly worked before are:
1. on a box that is not heavily-loaded you often end up with the same worker setting up
the TLS session as opened the socket in the first place, so the fd in `con->fd happens
to be correct.
2. if `SSL_connect()` happily connects straight away, without an `SSL_ERROR_WANT_WRITE`,
then you never run into a code path that uses the value in `fd` anyway.
Commit: 3ee5b4fad0242732c731686ff7ff106849c6c8ef
https://github.com/OpenSIPS/opensips/commit/3ee5b4fad0242732c731686ff7ff106849c6c8ef
Author: Liviu Chircu <liviu at opensips.org>
Date: 2025-04-17 (Thu, 17 Apr 2025)
Changed paths:
M modules/tls_openssl/openssl_conn_ops.c
Log Message:
-----------
Merge pull request #3438 from jes/jes/fix-tls-async-connect-fd
tls_openssl: fix openssl_tls_async_connect
Compare: https://github.com/OpenSIPS/opensips/compare/6b2932908efd...3ee5b4fad024
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list