Upstream issue 18345
Link: https://issues.asterisk.org/jira/browse/ASTERISK-18345
Patch-By: Filip Jenicek

Submitted upstream:   2012-05-31 09:12
For Asterisk version: 1.8.4

The HOOK_T ssl_read function should behave the same way as the system read function 
by blocking and waiting for (more) data from the SSL subsystem. Failure to do this 
will drop data on the floor and ultimately disconnect SSL clients.

--- asterisk/main/tcptls.c
+++ asterisk/main/tcptls.c
@@ -55,6 +55,14 @@
 static HOOK_T ssl_read(void *cookie, char *buf, LEN_T len)
 {
 	int i = SSL_read(cookie, buf, len-1);
+
+	/* ssl_read should block and wait for the SSL layer to provide all data */
+	while (i < 0 && SSL_get_error(cookie, i) == SSL_ERROR_WANT_READ) {
+		ast_debug(1, "SSL_read - data not ready.\n");
+		if (ast_wait_for_input(SSL_get_fd(cookie), 5000) <= 0) return 0;
+		i = SSL_read(cookie, buf, len-1);
+	}
+
 #if 0
 	if (i >= 0)
 		buf[i] = '\0';