From ad86041433ad4e0e9c8e7ba0326705bc28c3afd7 Mon Sep 17 00:00:00 2001
From: Adam Potolsky <realspkr@gmail.com>
Date: Wed, 20 May 2015 14:27:25 -0700
Subject: [PATCH] Added code to test for and error out of max retry condition
 #4650

---
 src/lib/plugin/ns/SecureSocket.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/lib/plugin/ns/SecureSocket.cpp b/src/lib/plugin/ns/SecureSocket.cpp
index 94deca8a..7d7c9a83 100644
--- a/src/lib/plugin/ns/SecureSocket.cpp
+++ b/src/lib/plugin/ns/SecureSocket.cpp
@@ -378,8 +378,8 @@ SecureSocket::checkResult(int n, bool& fatal, int& retry)
 	case SSL_ERROR_WANT_WRITE:
 	case SSL_ERROR_WANT_CONNECT:
 	case SSL_ERROR_WANT_ACCEPT:
-		LOG((CLOG_DEBUG2 "need to retry the same SSL function"));
 		retry += 1;
+		LOG((CLOG_DEBUG2 "need to retry the same SSL function retry:%d", retry));
 		break;
 
 	case SSL_ERROR_SYSCALL:
@@ -413,6 +413,12 @@ SecureSocket::checkResult(int n, bool& fatal, int& retry)
 		break;
 	}
 
+	// If the retry max would exceed the allowed, treat it as a fatal error
+	if (retry > maxRetry()) {
+		LOG((CLOG_ERR "Maximum retry count exceeded:%d",retry));
+		fatal = true;
+	}
+
 	if (fatal) {
 		retry = 0;
 		showError();