From a36a3d7fecdfc50691f01eef984cad6cedb6fb3a Mon Sep 17 00:00:00 2001 From: Rodger Combs Date: Mon, 13 Nov 2017 14:46:17 -0600 Subject: [PATCH] lavf/tls_securetransport: handle incomplete reads gracefully Signed-off-by: Aman Gupta --- libavformat/tls_securetransport.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/libavformat/tls_securetransport.c b/libavformat/tls_securetransport.c index b862e0003a..dc32eb1fa8 100644 --- a/libavformat/tls_securetransport.c +++ b/libavformat/tls_securetransport.c @@ -54,7 +54,7 @@ static int print_tls_error(URLContext *h, int ret) TLSContext *c = h->priv_data; switch (ret) { case errSSLWouldBlock: - break; + return AVERROR(EAGAIN); case errSSLXCertChainInvalid: av_log(h, AV_LOG_ERROR, "Invalid certificate chain\n"); return AVERROR(EIO); @@ -197,7 +197,8 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat { URLContext *h = (URLContext*)connection; TLSContext *c = h->priv_data; - int read = ffurl_read_complete(c->tls_shared.tcp, data, *dataLength); + size_t requested = *dataLength; + int read = ffurl_read(c->tls_shared.tcp, data, requested); if (read <= 0) { *dataLength = 0; switch(AVUNERROR(read)) { @@ -214,7 +215,10 @@ static OSStatus tls_read_cb(SSLConnectionRef connection, void *data, size_t *dat } } else { *dataLength = read; - return noErr; + if (read < requested) + return errSSLWouldBlock; + else + return noErr; } } @@ -326,12 +330,13 @@ static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **op if (peerTrust) CFRelease(peerTrust); } - if (status == noErr) + if (status == noErr) { break; - - av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status); - ret = AVERROR(EIO); - goto fail; + } else if (status != errSSLWouldBlock) { + av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session: %i\n", (int)status); + ret = AVERROR(EIO); + goto fail; + } } return 0; @@ -348,6 +353,9 @@ static int map_ssl_error(OSStatus status, size_t processed) case errSSLClosedGraceful: case errSSLClosedNoNotify: return 0; + case errSSLWouldBlock: + if (processed > 0) + return processed; default: return (int)status; }