TLS: do not ignore readpaused flag in certain circumstances

In some circumstances generic TLS code could have resumed data reading unexpectedly on the TCP layer code. Due to this, the behaviour of isc_nm_pauseread() and isc_nm_resumeread() might have been unexpected. This commit fixes that. The bug does not seems to have real consequences in the existing code due to the way the code is used. However, the bug could have lead to unexpected behaviour and, at any rate, makes the TLS code behave differently from the TCP code, with which it attempts to be as compatible as possible. (cherry picked from commit ec0647d546204a0e09aeaf0e2aabb37f1fb67dd0)
2026-05-28 04:34:54 -04:00 · 2022-07-29 19:33:25 +03:00 · 2022-07-29 19:33:25 +03:00 · c2fa72027c
commit c2fa72027c
parent 097a57e804
1 changed files with 10 additions and 5 deletions
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@ -493,6 +493,13 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 				if (sock->statichandle == NULL) {
 					finish = true;
 					break;
+				} else if (atomic_load(&sock->readpaused)) {
+					/*
+					 * Reading has been paused from withing
+					 * the context of read callback - stop
+					 * processing incoming data.
+					 */
+					break;
 				}
 			}
 		}
@ -543,11 +550,9 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 		}
 		return;
 	case SSL_ERROR_WANT_READ:
-		if (tls_try_to_close_unused_socket(sock)) {
-			return;
-		}
-
-		if (sock->outerhandle == NULL) {
+		if (tls_try_to_close_unused_socket(sock) ||
+		    sock->outerhandle == NULL || atomic_load(&sock->readpaused))
+		{
 			return;
 		}