Mod to add retry to timed-out SSL_read(): TLSConnection.cc

andreim-sv · luisremis · commit 7a77e0ce5404 · 2022-03-15T08:07:31.000-07:00
diff --git a/src/comm/TLSConnection.cc b/src/comm/TLSConnection.cc
@@ -10,6 +10,7 @@
 #include <netdb.h>
 #include <string>
 #include <unistd.h>
+#include <glog/logging.h>
 
 #include "comm/Exception.h"
 #include "util/gcc_util.h"
@@ -31,35 +32,64 @@ TLSConnection::TLSConnection(
 {
 }
 
+static long msec_diff(const struct timespec& a,
+                      const struct timespec& b)
+{
+    return
+        (a.tv_sec  - b.tv_sec)  * 1000 +
+        (a.tv_nsec - b.tv_nsec) / 1000000;
+}
+
 size_t TLSConnection::read(uint8_t* buffer, size_t length)
 {
+again:
+    timespec t1;
+    clock_gettime(CLOCK_REALTIME_COARSE, &t1);
+
+    errno = 0;
     auto count = SSL_read(_tls_socket->_ssl, buffer, length);
+    int errno_r = errno;
 
     if (count <= 0) {
         auto error = SSL_get_error(_tls_socket->_ssl, count);
 
-        DISABLE_WARNING(logical-op)
         if (error == SSL_ERROR_ZERO_RETURN) {
-            THROW_EXCEPTION(ConnectionShutDown, "Closing Connection.");
+            THROW_EXCEPTION(ConnectionShutDown, // FIXME -- misleading 'ConnectionShutDown'
+                     errno_r, "SSL_read()", error); // Peer closed conn for writing, so no more reads
         }
-        else if (error == SSL_ERROR_SYSCALL && (!errno || errno == EAGAIN)) {
-            THROW_EXCEPTION(ConnectionShutDown, "Closing Connection.");
+        else if (error == SSL_ERROR_WANT_READ) {
+            if (errno_r == EAGAIN) {
+                timespec t2;
+                clock_gettime(CLOCK_REALTIME_COARSE, &t2);
+                auto dt = msec_diff(t2, t1);
+                VLOG(3) << "SSL_read(): no activity for " << dt << " msec. Going back to reading";
+                goto again;
+            } else {
+                // This error is recoverable. Consider handling it.
+                THROW_EXCEPTION(ReadFail, errno_r, "SSL_read()", error);
+            }
+        }
+        else if (error == SSL_ERROR_SYSCALL ||
+                 error == SSL_ERROR_SSL) {
+            THROW_EXCEPTION(ConnectionShutDown, errno_r, "SSL_read()", error);
+            // FIXME: *we* must close the conn
         }
         else {
-            THROW_EXCEPTION(ReadFail);
+            THROW_EXCEPTION(ReadFail, errno_r, "SSL_read()", error);
         }
-        ENABLE_WARNING(logical-op)
     }
 
     return static_cast<size_t>(count);
 }
 
 size_t TLSConnection::write(const uint8_t* buffer, size_t length)
 {
+    errno = 0;
     auto count = SSL_write(_tls_socket->_ssl, buffer, static_cast<int>(length));
-
+    int errno_r = errno;
     if (count <= 0) {
-        THROW_EXCEPTION(WriteFail, "Error sending message.");
+        auto error = SSL_get_error(_tls_socket->_ssl, count);
+        THROW_EXCEPTION(WriteFail, errno_r, "SSL_write()", error);
     }
 
     return static_cast<size_t>(count);
