TLS: do not ignore readpaused flag in certain circumstances

In some circumstances generic TLS code could have resumed data reading unexpectedly on the TCP layer code. Due to this, the behaviour of isc_nm_pauseread() and isc_nm_resumeread() might have been unexpected. This commit fixes that. The bug does not seems to have real consequences in the existing code due to the way the code is used. However, the bug could have lead to unexpected behaviour and, at any rate, makes the TLS code behave differently from the TCP code, with which it attempts to be as compatible as possible.
2025-08-29 13:38:26 +00:00 · 2022-07-29 19:33:25 +03:00 · 2022-07-29 19:33:25 +03:00 · 32565d0d65
commit 32565d0d65
parent b2395f5644
1 changed files with 10 additions and 5 deletions
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@ -492,6 +492,13 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 				if (sock->statichandle == NULL) {
 					finish = true;
 					break;
+				} else if (atomic_load(&sock->readpaused)) {
+					/*
+					 * Reading has been paused from withing
+					 * the context of read callback - stop
+					 * processing incoming data.
+					 */
+					break;
 				}
 			}
 		}
@ -542,11 +549,9 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 		}
 		return;
 	case SSL_ERROR_WANT_READ:
-		if (tls_try_to_close_unused_socket(sock)) {
-			return;
-		}
-
-		if (sock->outerhandle == NULL) {
+		if (tls_try_to_close_unused_socket(sock) ||
+		    sock->outerhandle == NULL || atomic_load(&sock->readpaused))
+		{
 			return;
 		}