mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-16 00:00:07 +01:00
ea50c8722c
If a client connects to a SSL server and the server sends handshake alert (e.g. no matching ciphers) SSL_connect() fails, but because SSL_ERROR_SSL return value is not handled, it's not considered a failure. SSL_want_read() will return 1 and the client will happily wait for more data from the server. Now if the server closes connection after sending handshake alert, POLLIN event will be triggered, lws_tls_client_connect() called again, but SSL_connect() will fail without calling read(), so the client will end up consuming 100% CPU because POLLIN will be triggered repeatedly. Similar error handling is used in lws_tls_server_accept() and the condition checks for SSL_ERROR_SSL. Using the same condition in lws_tls_client_connect() fixes the problem. Tested with OpenSSL 1.0.2k. |
||
|---|---|---|
| .. | ||
| mbedtls | ||
| openssl | ||
| lws-gencrypto-common.c | ||
| lws-genec-common.c | ||
| private-lib-tls.h | ||
| private-network.h | ||
| tls-client.c | ||
| tls-network.c | ||
| tls-server.c | ||
| tls.c | ||