Don't wait for _writable_ when _reading_ an SSL socket.

Also, don't select() at all if SSL_pending() says there's data to
read.

Patch by Fabian Mauchle.

1 files changed, 11 insertions, 10 deletions

diff --git a/tls.c b/tls.c
index 4197069..9b8e7be 100644
--- a/tls.c
+++ b/tls.c
@@ -165,7 +165,7 @@ int tlsconnect(struct server *server, struct timeval *when, int timeout, char *t
 /* returns 0 on timeout, -1 on error and num if ok */
 int sslreadtimeout(SSL *ssl, unsigned char *buf, int num, int timeout) {
     int s, ndesc, cnt, len;
-    fd_set readfds, writefds;
+    fd_set readfds;
     struct timeval timer;
 
     s = SSL_get_fd(ssl);
@@ -173,16 +173,17 @@ int sslreadtimeout(SSL *ssl, unsigned char *buf, int num, int timeout) {
 	return -1;
     /* make socket non-blocking? */
     for (len = 0; len < num; len += cnt) {
-	FD_ZERO(&readfds);
-	FD_SET(s, &readfds);
-	writefds = readfds;
-	if (timeout) {
-	    timer.tv_sec = timeout;
-	    timer.tv_usec = 0;
+	if (SSL_pending(ssl) == 0) {
+            FD_ZERO(&readfds);
+            FD_SET(s, &readfds);
+            if (timeout) {
+                timer.tv_sec = timeout;
+                timer.tv_usec = 0;
+            }
+	    ndesc = select(s + 1, &readfds, NULL, NULL, timeout ? &timer : NULL);
+            if (ndesc < 1)
+                return ndesc;
 	}
-	ndesc = select(s + 1, &readfds, &writefds, NULL, timeout ? &timer : NULL);
-	if (ndesc < 1)
-	    return ndesc;
 
 	cnt = SSL_read(ssl, buf + len, num - len);
 	if (cnt <= 0)