|
 |
85cb4d |
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
|
|
|
85cb4d |
index 0958135..018b667 100644
|
|
|
85cb4d |
--- a/modules/ssl/ssl_engine_io.c
|
|
|
85cb4d |
+++ b/modules/ssl/ssl_engine_io.c
|
|
|
85cb4d |
@@ -200,6 +200,8 @@ static int bio_filter_out_write(BIO *bio, const char *in, int inl)
|
|
|
52592b |
apr_bucket *e;
|
|
|
52592b |
int need_flush;
|
|
|
52592b |
|
|
|
52592b |
+ BIO_clear_retry_flags(bio);
|
|
|
52592b |
+
|
|
|
85cb4d |
#ifndef SSL_OP_NO_RENEGOTIATION
|
|
|
52592b |
/* Abort early if the client has initiated a renegotiation. */
|
|
|
52592b |
if (outctx->filter_ctx->config->reneg_state == RENEG_ABORT) {
|
|
|
85cb4d |
@@ -208,12 +210,6 @@ static int bio_filter_out_write(BIO *bio, const char *in, int inl)
|
|
|
52592b |
}
|
|
|
85cb4d |
#endif
|
|
|
52592b |
|
|
|
52592b |
- /* when handshaking we'll have a small number of bytes.
|
|
|
52592b |
- * max size SSL will pass us here is about 16k.
|
|
|
52592b |
- * (16413 bytes to be exact)
|
|
|
52592b |
- */
|
|
|
52592b |
- BIO_clear_retry_flags(bio);
|
|
|
52592b |
-
|
|
|
52592b |
/* Use a transient bucket for the output data - any downstream
|
|
|
52592b |
* filter must setaside if necessary. */
|
|
|
52592b |
e = apr_bucket_transient_create(in, inl, outctx->bb->bucket_alloc);
|
|
|
85cb4d |
@@ -460,6 +456,8 @@ static int bio_filter_in_read(BIO *bio, char *in, int inlen)
|
|
|
52592b |
if (!in)
|
|
|
52592b |
return 0;
|
|
|
52592b |
|
|
|
52592b |
+ BIO_clear_retry_flags(bio);
|
|
|
52592b |
+
|
|
|
85cb4d |
#ifndef SSL_OP_NO_RENEGOTIATION
|
|
|
52592b |
/* Abort early if the client has initiated a renegotiation. */
|
|
|
52592b |
if (inctx->filter_ctx->config->reneg_state == RENEG_ABORT) {
|
|
|
85cb4d |
@@ -468,8 +466,6 @@ static int bio_filter_in_read(BIO *bio, char *in, int inlen)
|
|
|
52592b |
}
|
|
|
85cb4d |
#endif
|
|
|
52592b |
|
|
|
52592b |
- BIO_clear_retry_flags(bio);
|
|
|
52592b |
-
|
|
|
52592b |
if (!inctx->bb) {
|
|
|
52592b |
inctx->rc = APR_EOF;
|
|
|
52592b |
return -1;
|