authorMatthias Andree <matthias.andree@gmx.de>2021-11-28 13:05:55 +0100
committerMatthias Andree <matthias.andree@gmx.de>2021-11-28 13:05:55 +0100
commitabfc13cfed4534279d5ba7abcce80ceea26a7cc0 (patch)
tree3159d3a87f685f66f8b49c173fedaaaedcfdd879
parent356b71a1ac60d429d68baf9dea4ad9eb67b50ad9 (diff)
socket.c: SSL_CTX_set_mode(SSL_MODE_AUTO_RETRY)
This is the proper fix for wolfSSL 5.0 and OpenSSL before 1.1.1 to avoid the "SSL_peek()" not truly blocking issue. Only OpenSSL 1.1.1 enables this mode by default, so make this explicit.
-rw-r--r--socket.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/socket.c b/socket.c
index bb3c1f16..8ac0ae79 100644
--- a/socket.c
+++ b/socket.c
@@ -1162,7 +1162,9 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
sslopts &= ~ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
}
- SSL_CTX_set_options(_ctx[sock], sslopts | avoid_ssl_versions);
+ (void)SSL_CTX_set_options(_ctx[sock], sslopts | avoid_ssl_versions);
+
+ (void)SSL_CTX_set_mode(_ctx[sock], SSL_MODE_AUTO_RETRY);
if (certck) {
SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback);
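Review bot: The added `SSL_CTX_set_mode(_ctx[sock], SSL_MODE_AUTO_RETRY)` line has no comment saying why the mode is forced, so the reason exists only in the commit message. A later cleanup could drop the call as redundant on OpenSSL 1.1.1 and silently bring back the short-return behaviour on older OpenSSL and wolfSSL 5.0. I would put a comment directly above it, for example `/* OpenSSL < 1.1.1 and wolfSSL 5.0 do not enable AUTO_RETRY by default; without it a blocking SSL_peek() can return before application data arrives */`. The mode only changes blocking I/O, so if any read path here runs on a non-blocking socket or under a timeout (not visible in this hunk), it still has to treat `SSL_ERROR_WANT_READ` as retryable instead of as a failure. SSLOpen's body starts and ends outside the hunk.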