Diffstat (limited to 'libnetdata/socket/socket.c')
-rw-r--r--libnetdata/socket/socket.c57
1 files changed, 51 insertions, 6 deletions
diff --git a/libnetdata/socket/socket.c b/libnetdata/socket/socket.c
index 4344d982a1..6c288f505d 100644
--- a/libnetdata/socket/socket.c
+++ b/libnetdata/socket/socket.c
@@ -919,6 +919,53 @@ int connect_to_one_of_urls(const char *destination, int default_port, struct tim
}
+#ifdef ENABLE_HTTPS
+ssize_t netdata_ssl_read(SSL *ssl, void *buf, size_t num) {
+ error_limit_static_thread_var(erl, 1, 0);
+
+ int bytes, err, retries = 0;
+
+ do {
+ bytes = SSL_read(ssl, buf, (int)num);
+ err = SSL_get_error(ssl, bytes);
+ retries++;
+ } while (bytes <= 0 && (err == SSL_ERROR_WANT_READ));
+
+ if(unlikely(bytes <= 0))
+ error("SSL_read() returned %d bytes, SSL error %d", bytes, err);
+
+ if(retries > 1)
+ error_limit(&erl, "SSL_read() retried %d times", retries);
+
+ return bytes;
+}
+
+ssize_t netdata_ssl_write(SSL *ssl, const void *buf, size_t num) {
+ error_limit_static_thread_var(erl, 1, 0);
+
+ int bytes, err, retries = 0;
+ size_t total = 0;
+
+ do {
+ bytes = SSL_write(ssl, (uint8_t *)buf + total, (int)(num - total));
+ err = SSL_get_error(ssl, bytes);
+ retries++;
+
+ if(bytes > 0)
+ total += bytes;
+
+ } while ((bytes <= 0 && (err == SSL_ERROR_WANT_WRITE)) || (bytes > 0 && total < num));
+
+ if(unlikely(bytes <= 0))
+ error("SSL_read() returned %d bytes, SSL error %d", bytes, err);
+
+ if(retries > 1)
+ error_limit(&erl, "SSL_read() retried %d times", retries);
+
+ return bytes;
+}
+#endif
+
// --------------------------------------------------------------------------------------------------------------------
// helpers to send/receive data in one call, in blocking mode, with a timeout
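Review bot: netdata_ssl_write() returns `bytes`, the result of the last SSL_write() call, rather than the amount actually sent, so whenever the buffer goes out in more than one call the caller (send_timeout() passes this value straight through in the last hunk) sees a short count even though `total == num`; `return (bytes > 0) ? (ssize_t)total : bytes;` would report the real total. The two log calls in that function still say `SSL_read()` and should read `SSL_write()`, otherwise a write failure is misattributed in the logs. Both retry loops call back into OpenSSL immediately on SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE with no wait on the descriptor and no upper bound on `retries`, so if the socket is non-blocking a stalled peer can presumably keep the thread spinning past the timeout the surrounding helpers are meant to enforce; a bounded retry count or a poll on the fd between attempts would cap that. The `(int)num` casts also truncate lengths above INT_MAX, so clamp first, e.g. `if (num > INT_MAX) num = INT_MAX;`.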
@@ -956,12 +1003,10 @@ ssize_t recv_timeout(int sockfd, void *buf, size_t len, int flags, int timeout)
}
#ifdef ENABLE_HTTPS
- if (ssl->conn) {
- if (!ssl->flags) {
- return SSL_read(ssl->conn,buf,len);
- }
- }
+ if (ssl->conn && ssl->flags == NETDATA_SSL_HANDSHAKE_COMPLETE)
+ return netdata_ssl_read(ssl->conn, buf, len);
#endif
+
return recv(sockfd, buf, len, flags);
}
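Review bot: When `ssl->conn` is set but `ssl->flags` is not NETDATA_SSL_HANDSHAKE_COMPLETE, recv_timeout() still falls through to the plain `recv(sockfd, buf, len, flags)` on its last line, so bytes read straight off a TLS socket would be handed to the caller as if they were application data. send_timeout() in the next hunk refuses that same state with "cannot write to SSL connection - connection is not ready."; the read side should fail closed the same way, with a guard ahead of the new check such as `if (ssl->conn && ssl->flags != NETDATA_SSL_HANDSHAKE_COMPLETE) return -1;` plus a matching error() line. The exact return value should mirror send_timeout()'s else branch, which is not fully visible here. The start of recv_timeout(), including where `ssl` comes from, is outside the hunk.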
@@ -1001,7 +1046,7 @@ ssize_t send_timeout(int sockfd, void *buf, size_t len, int flags, int timeout)
#ifdef ENABLE_HTTPS
if(ssl->conn) {
if (ssl->flags == NETDATA_SSL_HANDSHAKE_COMPLETE) {
- return SSL_write(ssl->conn, buf, len);
+ return netdata_ssl_write(ssl->conn, buf, len);
}
else {
error("cannot write to SSL connection - connection is not ready.");