diff --git a/lib/roles/http/client/client-handshake.c b/lib/roles/http/client/client-handshake.c index 6a540f84c..0f5d83b34 100644 --- a/lib/roles/http/client/client-handshake.c +++ b/lib/roles/http/client/client-handshake.c @@ -203,13 +203,19 @@ send_hs: if (lwsi_state(wsi) == LRS_WAITING_CONNECT && (wsi->tls.use_ssl & LCCSCF_USE_SSL)) { + int result; - /* we can retry this... just cook the SSL BIO the first time */ + /* + * We can retry this... just cook the SSL BIO + * the first time + */ - switch (lws_client_create_tls(wsi, &cce, 1)) { - case 0: + result = lws_client_create_tls(wsi, &cce, 1); + lwsl_debug("%s: create_tls said %d\n", __func__, result); + switch (result) { + case CCTLS_RETURN_DONE: break; - case 1: + case CCTLS_RETURN_RETRY: return wsi; default: goto failed; @@ -226,12 +232,11 @@ send_hs: __func__, wsi, lwsi_state(wsi)); if (lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS) - lwsi_set_state(wsi, LRS_WAITING_SSL); + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, wsi->context->timeout_secs); - //if () - return wsi; + goto provoke_service; } #endif @@ -310,7 +315,9 @@ send_hs: * and won't until many retries from main loop. To stop that * becoming endless, cover with a timeout. */ - +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) +provoke_service: +#endif lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, wsi->context->timeout_secs); @@ -732,6 +739,7 @@ conn_good: wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, wsi->user_space, NULL, 0); + lwsl_debug("%s: going into connect_4\n", __func__); return lws_client_connect_4_established(wsi, NULL, plen); oom4: @@ -853,6 +861,7 @@ lws_client_connect_2_dnsreq(struct lws *wsi) return wsi; case ACTIVE_CONNS_QUEUED: + lwsl_debug("%s: ACTIVE_CONNS_QUEUED st 0x%x: \n", __func__, lwsi_state(wsi)); if (lwsi_state(wsi) == LRS_UNCONNECTED) { if (lwsi_role_h2(w)) lwsi_set_state(wsi, LRS_H2_WAITING_TO_SEND_HEADERS); diff --git a/lib/roles/http/client/client-http.c b/lib/roles/http/client/client-http.c index d4127939d..2fae41179 100644 --- a/lib/roles/http/client/client-http.c +++ b/lib/roles/http/client/client-http.c @@ -37,13 +37,13 @@ lws_client_create_tls(struct lws *wsi, const char **pcce, int do_c1) if (!wsi->tls.ssl) { if (lws_ssl_client_bio_create(wsi) < 0) { *pcce = "bio_create failed"; - return -1; + return CCTLS_RETURN_ERROR; } if (!wsi->transaction_from_pipeline_queue && lws_tls_restrict_borrow(wsi->context)) { *pcce = "tls restriction limit"; - return -1; + return CCTLS_RETURN_ERROR; } } @@ -51,11 +51,12 @@ lws_client_create_tls(struct lws *wsi, const char **pcce, int do_c1) return 0; n = lws_ssl_client_connect1(wsi); + lwsl_debug("%s: lws_ssl_client_connect1: %d\n", __func__, n); if (!n) - return 1; /* caller should return 0 */ + return CCTLS_RETURN_RETRY; /* caller should return 0 */ if (n < 0) { *pcce = "lws_ssl_client_connect1 failed"; - return -1; + return CCTLS_RETURN_ERROR; } } else wsi->tls.ssl = NULL; @@ -76,12 +77,12 @@ lws_client_create_tls(struct lws *wsi, const char **pcce, int do_c1) /* send the H2 preface to legitimize the connection */ if (lws_h2_issue_preface(wsi)) { *pcce = "error sending h2 preface"; - return -1; + return CCTLS_RETURN_ERROR; } } #endif - return 0; /* OK */ + return CCTLS_RETURN_DONE; /* OK */ } #endif diff --git a/lib/roles/http/private-lib-roles-http.h b/lib/roles/http/private-lib-roles-http.h index 2bf43fe06..0d9812dab 100644 --- a/lib/roles/http/private-lib-roles-http.h +++ b/lib/roles/http/private-lib-roles-http.h @@ -327,5 +327,11 @@ lws_sul_http_ah_lifecheck(lws_sorted_usec_list_t *sul); uint8_t * lws_http_multipart_headers(struct lws *wsi, uint8_t *p); +enum { + CCTLS_RETURN_ERROR = -1, + CCTLS_RETURN_DONE = 0, + CCTLS_RETURN_RETRY = 1, +}; + int lws_client_create_tls(struct lws *wsi, const char **pcce, int do_c1);