avformat/tls_schannel: immediately return decrypted data if available

Until now, we would have only attempted to utilize already decrypted
data if it was enough to fill the size of buffer requested, that could
very well be up to 32 kilobytes.

With keep-alive connections this would just lead to recv blocking
until rw_timeout had been reached, as the connection would not be
officially closed after each transfer. This would also lead to a
loop, as such timed out I/O request would just be attempted again.

By just returning the available decrypted data, keep-alive based
connectivity such as HLS playback is fixed with schannel.

(cherry picked from commit 6f8826e4aaddf1ee6cf3f333ed0e392a748382fe)

1 files changed, 6 insertions, 1 deletions

diff --git a/libavformat/tls_schannel.c b/libavformat/tls_schannel.c
index 7a8842e7fe..fec43ffafd 100644
--- a/libavformat/tls_schannel.c
+++ b/libavformat/tls_schannel.c
@@ -392,7 +392,12 @@ static int tls_read(URLContext *h, uint8_t *buf, int len)
     int size, ret;
     int min_enc_buf_size = len + SCHANNEL_FREE_BUFFER_SIZE;
 
-    if (len <= c->dec_buf_offset)
+    /* If we have some left-over data from previous network activity,
+     * return it first in case it is enough. It may contain
+     * data that is required to know whether this connection
+     * is still required or not, esp. in case of HTTP keep-alive
+     * connections. */
+    if (c->dec_buf_offset > 0)
         goto cleanup;
 
     if (c->sspi_close_notify)