1 files changed, 37 insertions, 0 deletions

diff --git a/libcouchbase-0005-fixes-ssl-sockets-with-openssl-1.1.1c.patch b/libcouchbase-0005-fixes-ssl-sockets-with-openssl-1.1.1c.patch
new file mode 100644
index 0000000..a5f2970
--- /dev/null
+++ b/libcouchbase-0005-fixes-ssl-sockets-with-openssl-1.1.1c.patch
@@ -0,0 +1,37 @@
+From 21267293d5b2c445beab4c792a94eb39434db592 Mon Sep 17 00:00:00 2001
+From: Sergey Avseyev <sergey.avseyev@gmail.com>
+Date: Tue, 30 Apr 2019 16:36:19 +0300
+Subject: [PATCH 1/2] Fixes SSL sockets with openssl 1.1.1c+
+
+BIO_get_mem_ptr does not give direct access to internal buffer, so we
+have to invalidate our copy before using buffer values.
+
+Change-Id: I0dba625dd0be702ec7eea640047facf3caf79fef
+---
+ src/ssl/ssl_e.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/ssl/ssl_e.c b/src/ssl/ssl_e.c
+index f4506cf6..734a3e64 100644
+--- a/src/ssl/ssl_e.c
++++ b/src/ssl/ssl_e.c
+@@ -210,10 +210,16 @@ flush_ssl_data(lcbio_ESSL *es)
+      * calls. While we could have done this inline with the send() call this
+      * would make future optimization more difficult. */
+     GT_WRITE_DONE:
++#if !LCB_CAN_OPTIMIZE_SSL_BIO
++    BIO_get_mem_ptr(es->wbio, &wmb);
++#endif
+     while (wmb->length > (size_t)tmp_len) {
+         char dummy[4096];
+         unsigned to_read = MINIMUM(wmb->length-tmp_len, sizeof dummy);
+         BIO_read(es->wbio, dummy, to_read);
++#if !LCB_CAN_OPTIMIZE_SSL_BIO
++        BIO_get_mem_ptr(es->wbio, &wmb);
++#endif
+     }
+     BIO_clear_retry_flags(es->wbio);
+     return 0;
+-- 
+2.22.0
+