Merge pull request #4599 from julek-wolfssl/issue-4593

Add WOLFSSL_FORCE_AUTO_RETRY option: force retrying of network reads
2021-12-16 08:42:07 -08:00 · 2021-12-16 08:42:07 -08:00 · 424bd2d73d
commit 424bd2d73d
parent 3bd737b9ef afa6237f56
5 changed files with 39 additions and 2 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -8967,6 +8967,8 @@ retry:
                return -1;

            case WOLFSSL_CBIO_ERR_WANT_READ:      /* want read, would block */
+                if (ssl->ctx->autoRetry)
+                    goto retry;
                return WANT_READ;

            case WOLFSSL_CBIO_ERR_CONN_RST:       /* connection reset */
--- a/src/ssl.c
+++ b/src/ssl.c
@ -510,6 +510,7 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
 #ifdef OPENSSL_COMPATIBLE_DEFAULTS
    if (ctx) {
        wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+        wolfSSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
        if (wolfSSL_CTX_set_min_proto_version(ctx,
                SSL3_VERSION) != WOLFSSL_SUCCESS ||
 #ifdef HAVE_ANON
@ -19896,6 +19897,9 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
                WOLFSSL_MSG("SSL_MODE_RELEASE_BUFFERS not implemented.");
                break;
            #endif
+            case SSL_MODE_AUTO_RETRY:
+                ctx->autoRetry = 1;
+                break;
            default:
                WOLFSSL_MSG("Mode Not Implemented");
        }
@ -19905,6 +19909,33 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,

        return mode;
    }
+
+    long wolfSSL_CTX_clear_mode(WOLFSSL_CTX* ctx, long mode)
+    {
+        /* WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */
+
+        WOLFSSL_ENTER("SSL_CTX_set_mode");
+        switch(mode) {
+            case SSL_MODE_ENABLE_PARTIAL_WRITE:
+                ctx->partialWrite = 0;
+                break;
+            #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+            case SSL_MODE_RELEASE_BUFFERS:
+                WOLFSSL_MSG("SSL_MODE_RELEASE_BUFFERS not implemented.");
+                break;
+            #endif
+            case SSL_MODE_AUTO_RETRY:
+                ctx->autoRetry = 0;
+                break;
+            default:
+                WOLFSSL_MSG("Mode Not Implemented");
+        }
+
+        /* SSL_MODE_AUTO_RETRY
+         * Should not return -1 with renegotiation on read/write */
+
+        return 0;
+    }
 #endif

 #ifdef OPENSSL_EXTRA
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -2811,6 +2811,7 @@ struct WOLFSSL_CTX {
    byte        haveFalconSig:1;  /* server cert signed w/ Falcon */
    byte        haveStaticECC:1;  /* static server ECC private key */
    byte        partialWrite:1;   /* only one msg per write call */
+    byte        autoRetry:1;      /* retry read/write on a WANT_{READ|WRITE} */
    byte        quietShutdown:1;  /* don't send close notify */
    byte        groupMessages:1;  /* group handshake messages before sending */
    byte        minDowngrade;     /* minimum downgrade version */
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@ -1000,6 +1000,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
 #define SSL_check_private_key           wolfSSL_check_private_key

 #define SSL_CTX_set_mode                wolfSSL_CTX_set_mode
+#define SSL_CTX_clear_mode              wolfSSL_CTX_clear_mode
 #define SSL_CTX_get_mode                wolfSSL_CTX_get_mode
 #define SSL_CTX_set_default_read_ahead  wolfSSL_CTX_set_default_read_ahead

--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -2146,8 +2146,9 @@ enum {
    SSL_CB_MODE_WRITE = 2,

    SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
-    SSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to block with blocking io
-                              * and auto retry */
+    SSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to return WANT_{READ|WRITE}
+                              * to the user. This is set by default with
+                              * OPENSSL_COMPATIBLE_DEFAULTS. */
    SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */

    BIO_CLOSE   = 1,
@ -2483,6 +2484,7 @@ WOLFSSL_API int  wolfSSL_state(WOLFSSL* ssl);

 WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void);
 WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode);
+WOLFSSL_API long wolfSSL_CTX_clear_mode(WOLFSSL_CTX* ctx, long mode);
 WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx);
 WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m);
 WOLFSSL_API long wolfSSL_SSL_get_mode(WOLFSSL* ssl);