From: Allan Streib Subject: Re: net/pidgin: openssl: send failed: -1 with purple-teams To: ports@openbsd.org Date: Thu, 18 Apr 2024 22:51:34 -0400 I looked at the files/ssl-openssl.c in this port. In the ssl_openssl_write function, if there is an error other than SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE then the execution falls through to return 0. I changed the code to include the actual result from the SSL_get_error function in the debug message, and return -1 instead of falling through to return 0. The ssl_gnutls_write function does that, and it seems quite similar. Not sure which one is based upon the other. ssl_gnutls_write also sets errno = EIO in this situation, so I added that as well. The ssl_openssl_read function is quite similar, and though I have not seen any errors from that, I made the same changes there. This has made a big improvement, I still see a few errors, maybe 10 or 12 at a time, which are all "openssl: send failed: 5" but not the many thousands that I saw before. The cpu load of the finch process stays quite low. I tried to make a diff for this. It seems to fix my problem, but don't know if introduces any others, so I offer it for what it's worth.... Index: Makefile =================================================================== RCS file: /cvs/ports/net/pidgin/Makefile,v retrieving revision 1.161 diff -u -p -u -r1.161 Makefile --- Makefile 27 Sep 2023 14:18:28 -0000 1.161 +++ Makefile 19 Apr 2024 02:21:26 -0000 @@ -3,6 +3,7 @@ COMMENT-finch= multi-protocol instant me COMMENT-libpurple= multi-protocol instant messaging library VERSION= 2.14.12 +REVISION= 0 DISTNAME= pidgin-${VERSION} PKGNAME-main= pidgin-${VERSION} PKGNAME-finch= finch-${VERSION} Index: files/ssl-openssl.c =================================================================== RCS file: /cvs/ports/net/pidgin/files/ssl-openssl.c,v retrieving revision 1.11 diff -u -p -u -r1.11 ssl-openssl.c --- files/ssl-openssl.c 11 Mar 2022 19:46:55 -0000 1.11 +++ files/ssl-openssl.c 19 Apr 2024 02:21:26 -0000 @@ -203,8 +203,9 @@ ssl_openssl_read(PurpleSslConnection *gs return (-1); } - purple_debug_error("openssl", "receive failed: %zi\n", s); - s = 0; + purple_debug_error("openssl", "receive failed: %d\n", ret); + errno = EIO; + return (-1); } return (s); @@ -229,8 +230,9 @@ ssl_openssl_write(PurpleSslConnection *g return (-1); } - purple_debug_error("openssl", "send failed: %zi\n", s); - s = 0; + purple_debug_error("openssl", "send failed: %d\n", ret); + errno = EIO; + return (-1); } return (s); -- Allan Streib Luddy School of Informatics, Computing, and Engineering Indiana University