From 6ee4060bfa0a0e860fc41413aaae5e6daa870f88 Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Sun, 20 Jun 2010 16:33:16 +0000 Subject: [PATCH] - #45808, stream_socket_enable_crypto() blocks and eats CPU --- NEWS | 2 ++ ext/openssl/xp_ssl.c | 11 ++++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 72595129cd..03b0479cef 100644 --- a/NEWS +++ b/NEWS @@ -79,6 +79,8 @@ PHP NEWS requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed 64-bit integer overflow in mhash_keygen_s2k(). (Clément LECIGNE, Stas) +- Fixed bug #45808 (stream_socket_enable_crypto() blocks and eats CPU). + (vincent at optilian dot com) - Fixed bug #52101 (dns_get_record() garbage in 'ipv6' field on Windows). (Pierre) - Fixed bug #52082 (character_set_client & character_set_connection reset after diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index f1a4eb7e09..412a445d11 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -312,8 +312,12 @@ static inline int php_openssl_setup_crypto(php_stream *stream, SSL_METHOD *method; if (sslsock->ssl_handle) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS already set-up for this stream"); - return -1; + if (sslsock->s.is_blocked) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS already set-up for this stream"); + return -1; + } else { + return 0; + } } /* need to do slightly different things, based on client/server method, @@ -435,7 +439,8 @@ static inline int php_openssl_enable_crypto(php_stream *stream, } if (n <= 0) { - retry = handle_ssl_error(stream, n, 1 TSRMLS_CC); + retry = handle_ssl_error(stream, n, sslsock->is_client || sslsock->s.is_blocked TSRMLS_CC); + } else { break; } -- 2.40.0