From 0d32056e7b14bd029aa375f59230a3ad3e2bae51 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sat, 20 Nov 2021 16:42:16 +0100 Subject: wolfSSL: workaround 5.0.0 SSL_peek() not truly blocking. SSL_peek() may return 0 on blocking I/O with SSL_get_error() returning SSL_ERROR_WANT_READ. This should not occur on blocking I/O, and does not occur with OpenSSL 1.0.2, 1.1.1, 3.0. This caused a socket error right after SSL negotiation. --- socket.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/socket.c b/socket.c index 5cf0567c..6fee32ea 100644 --- a/socket.c +++ b/socket.c @@ -521,7 +521,8 @@ int SockRead(int sock, char *buf, int len) /* SSL_peek says no data... Does he mean no data or did the connection blow up? If we got an error then bail! */ - if (0 != SSL_get_error(ssl, n)) { + int r = SSL_get_error(ssl, n); + if (r != 0 && r != SSL_ERROR_WANT_READ) { return -1; } /* We didn't get an error so read at least one -- cgit v1.2.3