author | Fedor Indutny <fedor.indutny@gmail.com> | 2013-05-25 01:02:34 +0400 |
---|---|---|
committer | isaacs <i@izs.me> | 2013-05-24 15:03:48 -0700 |
commit | f7ff8b4454513557ca8854cb1bf8a3539946fd11 (patch) | |
tree | 43786d33c20e20a1d756812585611b60770f3cb5 /lib/tls.js | |
parent | 074e823a81f2b1a5c954b0d6dfc5e10a4bed96ab (diff) | |
tls: retry writing after hello parse error
When bad data is written to EncryptedStream, it first reaches the
ClientHello parser and, only after the parser refuses it, OpenSSL.
But the ClientHello parser has a limited buffer, and therefore a write could
return `bytes_written` < `incoming_bytes`, which is not the case when
working with OpenSSL.
After such errors ClientHello parser disables itself and will
pass-through all data to the OpenSSL. So just trying to write data one
more time will throw the rest into OpenSSL and let it handle it.
Diffstat (limited to 'lib/tls.js')
-rw-r--r-- | lib/tls.js | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/tls.js b/lib/tls.js
index 1ff0d5d679..7bf0ca1886 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -253,6 +253,7 @@ function CryptoStream(pair, options) {
 this._pendingEncoding = '';
 this._pendingCallback = null;
 this._doneFlag = false;
+ this._retryAfterPartial = false;
 this._resumingSession = false;
 this._reading = true;
 this._destroyed = false;
@@ -361,7 +362,13 @@ CryptoStream.prototype._write = function write(data, encoding, cb) {
 return cb(null);
 }
- assert(written === 0 || written === -1);
+ if (written !== 0 && written !== -1) {
+ assert(!this._retryAfterPartial);
+ this._retryAfterPartial = true;
+ this._write(data.slice(written), encoding, cb);
+ this._retryAfterPartial = false;
+ return;
+ }
 } else {
 debug('cleartext.write queue is full'); |
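Review bot: The `assert(!this._retryAfterPartial)` in the new partial-write branch of `_write` still throws on a path driven by data from the remote peer, so if a second short write ever occurs the whole process fails rather than just this connection. The commit message says the ClientHello parser disables itself after the error, but that guarantee presumably lives outside this file and is not visible here, so I would fail the stream instead, e.g. `if (this._retryAfterPartial) return cb(new Error('partial write during retry'));`. The flag is also left set if the nested `_write` throws; wrapping the call as `try { ... } finally { this._retryAfterPartial = false; }` would avoid that. `_write` begins and ends outside this hunk, so whether `written` is always within `0..data.length` before `data.slice(written)` could not be checked from here.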