Check for more data in control channel
If control channel packets arrive quickly after each other, or out of
order, there might be more data available than we can read in one
tls_process() call.  If that happened, and no further control channel
packet arrived (e.g. because the last two packets arrived out-of-order),
we would wait for 16 seconds ("coarse timer") before we would read the
remaining data.  To avoid that, always schedule ourselves again if there
was control channel data, to check whether more data is available.

For mbedtls, we could implement a slightly more elegant "is there more
data?" function, instead of blindly rescheduling.  But I can't find a way
to implement that for OpenSSL, and the current solution is very simple and
still has quite low overhead.

Signed-off-by: Steffan Karger <[email protected]>
Acked-by: David Sommerseth <[email protected]>
Message-Id: <[email protected]>
URL: https://www.mail-archive.com/[email protected]/msg16151.html
Signed-off-by: David Sommerseth <[email protected]>
syzzer authored and dsommers committed Mar 7, 2018
1 parent 5961250 commit b00d56e
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/openvpn/ssl.c
Expand Up @@ -2942,6 +2942,9 @@ tls_process(struct tls_multi *multi,
{
state_change = true;
dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");

/* More data may be available, wake up again asap to check. */
*wakeup = 0;
}
}
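Review bot: The comment above `*wakeup = 0;` says that more data may be available but not why an immediate wakeup is needed or what bounds it. Suggest expanding it to say that control channel data left unread would otherwise wait for the coarse timer, and that the reschedule only happens in the branch that actually read incoming plaintext, so a pass that reads nothing stops the rescheduling. It is also worth confirming that nothing later in tls_process() assigns a larger value to `*wakeup` after this point, since the visible lines do not show the rest of the function and such an assignment would silently undo the fix.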
