From f86b2193a483f56b0bd056570a0cdb57ebe66e2f Mon Sep 17 00:00:00 2001 From: Daniel Lowrey Date: Tue, 9 Sep 2014 07:37:57 -0600 Subject: Bug #67965: Fix blocking behavior in non-blocking crypto streams --- ext/openssl/xp_ssl.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index 956ffd0547..76095b4df2 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -871,17 +871,19 @@ static int php_openssl_sockop_cast(php_stream *stream, int castas, void **ret TS case PHP_STREAM_AS_FD_FOR_SELECT: if (ret) { - if (sslsock->ssl_active) { - /* OpenSSL has an internal buffer which select() cannot see. If we don't - fetch it into the stream's buffer, no activity will be reported on the - stream even though there is data waiting to be read - but we only fetch - the number of bytes OpenSSL has ready to give us since we weren't asked - for any data at this stage. This is only likely to cause issues with - non-blocking streams, but it's harmless to always do it. */ - int bytes; - while ((bytes = SSL_pending(sslsock->ssl_handle)) > 0) { - php_stream_fill_read_buffer(stream, (size_t)bytes); - } + /* OpenSSL has an internal buffer which select() cannot see. If we don't + * fetch it into the stream's buffer, no activity will be reported on the + * stream even though there is data waiting to be read - but we only fetch + * the lower of bytes OpenSSL has ready to give us or chunk_size since we + * weren't asked for any data at this stage. This is only likely to cause + * issues with non-blocking streams, but it's harmless to always do it. */ + size_t pending; + if (stream->writepos == stream->readpos + && sslsock->ssl_active + && (pending = (size_t)SSL_pending(sslsock->ssl_handle)) > 0) { + php_stream_fill_read_buffer(stream, pending < stream->chunk_size + ? pending + : stream->chunk_size); } *(int *)ret = sslsock->s.socket; -- cgit v1.2.1