RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-01 22:48:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: ssl: Don't disable early data handling if we could not write.

Browse Source 
If we can't write early data, for some reason, don't give up on reading them,
they may still be early data to be read, and if we don't do so, openssl
internal states might be inconsistent, and the handshake will fail.
This commit is contained in:
Olivier Houchard 2017-11-22 19:12:10 +01:00 committed by Willy Tarreau
parent 777e4b98a3
commit 424ecfb33c
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/ssl_sock.c
View File

@ -5514,7 +5514,6 @@ static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int fl
if (try + conn->tmp_early_data > max_early) {
try -= (try + conn->tmp_early_data) - max_early;
if (try <= 0) {
conn->flags &= ~CO_FL_EARLY_SSL_HS;
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
break;
}