Merge pull request #243 from manuels/master

Fix probelms with DTLS when no packets are pending.

openssl-sys/src/lib.rs

@@ -528,6 +528,7 @@ extern "C" {
     pub fn SSL_get_SSL_CTX(ssl: *mut SSL) -> *mut SSL_CTX;
     pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD;
     pub fn SSL_get_peer_certificate(ssl: *mut SSL) -> *mut X509;
+    pub fn SSL_get_ssl_method(ssl: *mut SSL) -> *const SSL_METHOD;
 
     pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
 

openssl/src/ssl/mod.rs

@@ -143,6 +143,25 @@ impl SslMethod {
         }
     }
 
+    unsafe fn from_raw(method: *const ffi::SSL_METHOD) -> Option<SslMethod> {
+        match method {
+            #[cfg(feature = "sslv2")]
+            x if x == ffi::SSLv2_method() => Some(SslMethod::Sslv2),
+            x if x == ffi::SSLv3_method() => Some(SslMethod::Sslv3),
+            x if x == ffi::TLSv1_method() => Some(SslMethod::Tlsv1),
+            x if x == ffi::SSLv23_method() => Some(SslMethod::Sslv23),
+            #[cfg(feature = "tlsv1_1")]
+            x if x == ffi::TLSv1_1_method() => Some(SslMethod::Tlsv1_1),
+            #[cfg(feature = "tlsv1_2")]
+            x if x == ffi::TLSv1_2_method() => Some(SslMethod::Tlsv1_2),
+            #[cfg(feature = "dtlsv1")]
+            x if x == ffi::DTLSv1_method() => Some(SslMethod::Dtlsv1),
+            #[cfg(feature = "dtlsv1_2")]
+            x if x == ffi::DTLSv1_2_method() => Some(SslMethod::Dtlsv1_2),
+            _ => None,
+        }
+    }
+
     #[cfg(feature = "dtlsv1")]
     pub fn is_dtlsv1(&self) -> bool {
         *self == SslMethod::Dtlsv1
@@ -789,6 +808,13 @@ impl Ssl {
             ffi::SSL_pending(self.ssl) as usize
         }
     }
+
+    pub fn get_ssl_method(&self) -> Option<SslMethod> {
+        unsafe {
+            let method = ffi::SSL_get_ssl_method(self.ssl);
+            SslMethod::from_raw(method)
+        }
+    }
 }
 
 macro_rules! make_LibSslError {
@@ -890,8 +916,16 @@ impl<S: Read+Write> IndirectStream<S> {
                 LibSslError::ErrorWantRead => {
                     try_ssl_stream!(self.flush());
                     let len = try_ssl_stream!(self.stream.read(&mut self.buf[..]));
+
+
                     if len == 0 {
+                        let method = self.ssl.get_ssl_method();
+
+                        if method.map(|m| m.is_dtls()).unwrap_or(false) {
+                            return Ok(0);
+                        } else {
                             self.ssl.get_rbio().set_eof(true);
+                        }
                     } else {
                         try_ssl_stream!(self.ssl.get_rbio().write_all(&self.buf[..len]));
                     }

openssl/src/ssl/tests.rs

@@ -51,7 +51,7 @@ macro_rules! run_test(
             use std::net::TcpStream;
             use ssl;
             use ssl::SslMethod;
-            use ssl::{SslContext, SslStream, VerifyCallback};
+            use ssl::{SslContext, Ssl, SslStream, VerifyCallback};
             use ssl::SSL_VERIFY_PEER;
             use crypto::hash::Type::SHA256;
             use x509::X509StoreContext;
@@ -86,6 +86,11 @@ run_test!(new_sslstream, |method, stream| {
     SslStream::connect_generic(&SslContext::new(method).unwrap(), stream).unwrap();
 });
 
+run_test!(get_ssl_method, |method, _| {
+    let ssl = Ssl::new(&SslContext::new(method).unwrap()).unwrap();
+    assert_eq!(ssl.get_ssl_method(), Some(method));
+});
+
 run_test!(verify_untrusted, |method, stream| {
     let mut ctx = SslContext::new(method).unwrap();
     ctx.set_verify(SSL_VERIFY_PEER, None);