From 21267293d5b2c445beab4c792a94eb39434db592 Mon Sep 17 00:00:00 2001 From: Sergey Avseyev Date: Tue, 30 Apr 2019 16:36:19 +0300 Subject: [PATCH 1/2] Fixes SSL sockets with openssl 1.1.1c+ BIO_get_mem_ptr does not give direct access to internal buffer, so we have to invalidate our copy before using buffer values. Change-Id: I0dba625dd0be702ec7eea640047facf3caf79fef --- src/ssl/ssl_e.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/ssl/ssl_e.c b/src/ssl/ssl_e.c index f4506cf6..734a3e64 100644 --- a/src/ssl/ssl_e.c +++ b/src/ssl/ssl_e.c @@ -210,10 +210,16 @@ flush_ssl_data(lcbio_ESSL *es) * calls. While we could have done this inline with the send() call this * would make future optimization more difficult. */ GT_WRITE_DONE: +#if !LCB_CAN_OPTIMIZE_SSL_BIO + BIO_get_mem_ptr(es->wbio, &wmb); +#endif while (wmb->length > (size_t)tmp_len) { char dummy[4096]; unsigned to_read = MINIMUM(wmb->length-tmp_len, sizeof dummy); BIO_read(es->wbio, dummy, to_read); +#if !LCB_CAN_OPTIMIZE_SSL_BIO + BIO_get_mem_ptr(es->wbio, &wmb); +#endif } BIO_clear_retry_flags(es->wbio); return 0; -- 2.22.0