From b4b5ce761a3ea777cf07bd8d4c9c4c17958c12ae Mon Sep 17 00:00:00 2001
From: Eric Wong <e@80x24.org>
Date: Sat, 14 Jul 2018 00:56:30 +0000
Subject: openssl_client: do not attempt writes after SystemCallError

Whenever @ssl.write_nonblock fails due to ECONNRESET/EPIPE in
Rack::Deflater#each; Rack::Deflater#each will still attempt to
write again in the "ensure" statement via Zlib::GzipWriter#close.

This causes SSL_write to complain of "bad length" or
"bad write retry" errors.  Now, re-raise any SystemCallError
we caught from previous write_nonblock calls to prevent
calls to SSL_write which would trigger such an exception.
---
 lib/yahns/openssl_client.rb | 39 ++++++++++++++++++++++++++++++++-------
 1 file changed, 32 insertions(+), 7 deletions(-)

diff --git a/lib/yahns/openssl_client.rb b/lib/yahns/openssl_client.rb
index 0d376bd..c090083 100644
--- a/lib/yahns/openssl_client.rb
+++ b/lib/yahns/openssl_client.rb
@@ -40,15 +40,31 @@ module Yahns::OpenSSLClient # :nodoc:
   def kgio_trywrite(buf)
     len = buf.bytesize
     return if len == 0
-    buf = @ssl_blocked = buf.dup
+
+    case @ssl_blocked
+    when nil # likely
+      buf = @ssl_blocked = buf.dup
+    when Exception
+      raise @ssl_blocked
+    when String
+      if @ssl_blocked != buf
+        pfx = object_id
+        warn("#{pfx} BUG: ssl_blocked != buf\n" \
+             "#{pfx} ssl_blocked=#{@ssl_blocked.inspect}\n" \
+             "#{pfx} buf=#{buf.inspect}\n")
+        raise 'BUG: ssl_blocked} != buf'
+      end
+    end
+
     case rv = @ssl.write_nonblock(buf, exception: false)
     when :wait_readable, :wait_writable
-      return rv # do not clear ssl_blocked
+      rv # do not clear ssl_blocked
     when Integer
-      rv = len == rv ? nil : buf.byteslice(rv, len - rv)
+      @ssl_blocked = len == rv ? nil : buf.byteslice(rv, len - rv)
     end
-    @ssl_blocked = nil
-    rv
+  rescue SystemCallError => e # ECONNRESET/EPIPE
+    e.set_backtrace([])
+    raise(@ssl_blocked = e)
   end
 
   def kgio_trywritev(buf)
@@ -75,22 +91,31 @@ module Yahns::OpenSSLClient # :nodoc:
   def trysendio(io, offset, count)
     return 0 if count == 0
 
-    unless buf = @ssl_blocked
+    case buf = @ssl_blocked
+    when nil
       count = 0x4000 if count > 0x4000
       buf = Thread.current[:yahns_sfbuf] ||= ''.dup
       io.pos = offset
       buf = io.read(count, buf) or return # nil for EOF
       buf = @ssl_blocked = buf.dup
+    when Exception
+      raise buf
+    # when String # just use it as-is
     end
 
     # call write_nonblock directly since kgio_trywrite allocates
     # an unnecessary string
+    len = buf.size
     case rv = @ssl.write_nonblock(buf, exception: false)
     when :wait_readable, :wait_writable
       return rv # do not clear ssl_blocked
+    when Integer
+      @ssl_blocked = len == rv ? nil : buf.byteslice(rv, len - rv)
     end
-    @ssl_blocked = nil
     rv
+  rescue SystemCallError => e # ECONNRESET/EPIPE
+    e.set_backtrace([])
+    raise(@ssl_blocked = e)
   end
 
   def shutdown # we never call this with a how=SHUT_* arg
-- 
cgit v1.2.3-24-ge0c7