websocket: Consider pending SSL data when waiting for socket input

When TLS is in use, checking the readiness of the underlying FD is insufficient for determining if there is data available to be read. So before polling the FD, check if there is any buffered data in the TLS layer and use that first. ASTERISK-28562 #close Reported by: Robert Sutton Change-Id: I95fcb3e2004700d5cf8e5ee04943f0115b15e10d
2025-09-18 18:58:22 +00:00 · 2019-11-26 14:24:10 -05:00
parent cee68ea4f2
commit 87110c1bdf
5 changed files with 51 additions and 4 deletions
--- a/main/iostream.c
+++ b/main/iostream.c
@@ -86,6 +86,20 @@ int ast_iostream_get_fd(struct ast_iostream *stream)
 	return stream->fd;
 }

+int ast_iostream_wait_for_input(struct ast_iostream *stream, int timeout)
+{
+#if defined(DO_SSL)
+	/* Because SSL is read in blocks, it's possible that the last time we read we
+	   got more than we asked for and it is now buffered inside OpenSSL. If that
+	   is the case, calling ast_wait_for_input() will block until the fd is ready
+	   for reading again, which might never happen. */
+	if (stream->ssl && SSL_pending(stream->ssl)) {
+		return 1;
+	}
+#endif
+	return ast_wait_for_input(stream->fd, timeout);
+}
+
 void ast_iostream_nonblock(struct ast_iostream *stream)
 {
 	ast_fd_set_flags(stream->fd, O_NONBLOCK);