New SSL API mode 'SSL_MODE_AUTO_RETRY', which disables the default
[openssl.git] / ssl / s3_pkt.c
index e3d02e6..1414079 100644 (file)
@@ -899,19 +899,21 @@ start:
                                        return(-1);
                                        }
 
-                               if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+                               if (!(s->mode & SSL_MODE_AUTO_RETRY))
                                        {
-                                       BIO *bio;
-                                       /* In the case where we try to read application data
-                                        * the first time, but we trigger an SSL handshake, we
-                                        * return -1 with the retry option set.  I do this
-                                        * otherwise renegotiation can cause nasty problems 
-                                        * in the blocking world */ /* ? */
-                                       s->rwstate=SSL_READING;
-                                       bio=SSL_get_rbio(s);
-                                       BIO_clear_retry_flags(bio);
-                                       BIO_set_retry_read(bio);
-                                       return(-1);
+                                       if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+                                               {
+                                               BIO *bio;
+                                               /* In the case where we try to read application data,
+                                                * but we trigger an SSL handshake, we return -1 with
+                                                * the retry option set.  Otherwise renegotiation may
+                                                * cause nasty problems in the blocking world */
+                                               s->rwstate=SSL_READING;
+                                               bio=SSL_get_rbio(s);
+                                               BIO_clear_retry_flags(bio);
+                                               BIO_set_retry_read(bio);
+                                               return(-1);
+                                               }
                                        }
                                }
                        }
@@ -1022,19 +1024,21 @@ start:
                        return(-1);
                        }
 
-               if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+               if (!(s->mode & SSL_MODE_AUTO_RETRY))
                        {
-                       BIO *bio;
-                       /* In the case where we try to read application data
-                        * the first time, but we trigger an SSL handshake, we
-                        * return -1 with the retry option set.  I do this
-                        * otherwise renegotiation can cause nasty problems 
-                        * in the blocking world */ /* ? */
-                       s->rwstate=SSL_READING;
-                       bio=SSL_get_rbio(s);
-                       BIO_clear_retry_flags(bio);
-                       BIO_set_retry_read(bio);
-                       return(-1);
+                       if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+                               {
+                               BIO *bio;
+                               /* In the case where we try to read application data,
+                                * but we trigger an SSL handshake, we return -1 with
+                                * the retry option set.  Otherwise renegotiation may
+                                * cause nasty problems in the blocking world */
+                               s->rwstate=SSL_READING;
+                               bio=SSL_get_rbio(s);
+                               BIO_clear_retry_flags(bio);
+                               BIO_set_retry_read(bio);
+                               return(-1);
+                               }
                        }
                goto start;
                }