clean the error-queue is case we have a read/write error

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@789 152afb58-edef-0310-8abb-c4023f1b3aa9
17 years ago · c949273aa4
2 changed files with 30 additions and 12 deletions
--- a/src/connections.c
+++ b/src/connections.c
@ -240,6 +240,24 @@ static int connection_handle_read(server *srv, connection *con) {
 			case SSL_ERROR_WANT_READ:
 				return 0;
 			case SSL_ERROR_SYSCALL:
+				/**
+				 * man SSL_get_error()
+				 * 
+				 * SSL_ERROR_SYSCALL
+				 *   Some I/O error occurred.  The OpenSSL error queue may contain more 
+				 *   information on the error.  If the error queue is empty (i.e.
+				 *   ERR_get_error() returns 0), ret can be used to find out more about 
+				 *   the error: If ret == 0, an EOF was observed that violates the
+				 *   protocol.  If ret == -1, the underlying BIO reported an I/O error 
+				 *   (for socket I/O on Unix systems, consult errno for details).
+				 *
+				 */
+				while((ssl_err = ERR_get_error())) {
+					/* get all errors from the error-queue */
+					log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:", 
+							r, ERR_error_string(ssl_err, NULL));
+				}
+
 				switch(errno) {
 				default:
 					log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL:", 
@ -258,14 +276,10 @@ static int connection_handle_read(server *srv, connection *con) {
 				
 				/* fall thourgh */
 			default:
-				ssl_err = ERR_get_error();
-				switch(ssl_err) {
-				case SSL_F_SSL23_GET_CLIENT_HELLO:
-					/* a unencrypted HTTP request on a HTTPS socket. Do a redirect to the right location */
-				default:
+				while((ssl_err = ERR_get_error())) {
+					/* get all errors from the error-queue */
 					log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:", 
 							r, ERR_error_string(ssl_err, NULL));
-					break;
 				}
 				break;
 			}
--- a/src/network_openssl.c
+++ b/src/network_openssl.c
@ -85,9 +85,11 @@ int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chu
 				case SSL_ERROR_SYSCALL:
 					/* perhaps we have error waiting in our error-queue */
 					if (0 != (err = ERR_get_error())) {
-						log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", 
-								ssl_r, r,
-								ERR_error_string(err, NULL));
+						do {
+							log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", 
+									ssl_r, r,
+									ERR_error_string(err, NULL));
+						} while((err = ERR_get_error()));
 					} else if (r == -1) {
 						/* no, but we have errno */
 						switch(errno) {
@ -114,9 +116,11 @@ int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chu
 					
 					/* fall thourgh */
 				default:
-					log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", 
-							ssl_r, r,
-							ERR_error_string(ERR_get_error(), NULL));
+					while((err = ERR_get_error())) {
+						log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", 
+								ssl_r, r,
+								ERR_error_string(err, NULL));
+					}
 					
 					return  -1;
 				}