From facee799986fd6965342349b7361638782ae50f6 Mon Sep 17 00:00:00 2001
From: neru <neru@neru.rip>
Date: Wed, 13 May 2026 11:38:12 -0300
Subject: [PATCH] feat: add sslWriteAll (for tunnel)

---
 src/proxy/tinymitm/proxy.cpp | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/src/proxy/tinymitm/proxy.cpp b/src/proxy/tinymitm/proxy.cpp
index 452e3da..d086954 100644
--- a/src/proxy/tinymitm/proxy.cpp
+++ b/src/proxy/tinymitm/proxy.cpp
@@ -100,6 +100,37 @@ struct HttpStream
         }
 };
 
+/*
+    misc helpers
+*/
+bool sslWriteAll(WOLFSSL* ssl, const void* data, int len, SOCKET s)
+{
+    int sent = 0;
+    while (sent < len)
+    {
+        int ret = wolfSSL_write(ssl, (const char*)data + sent, len - sent);
+        if (ret > 0)
+        {
+            sent += ret;
+            continue;
+        }
+
+        int err = wolfSSL_get_error(ssl, ret);
+        if (err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE)
+        {
+            fd_set fds;
+            FD_ZERO(&fds);
+            FD_SET(s, &fds);
+            struct timeval tv{0, 10000}; // 10ms wait
+            select(0, (err == WOLFSSL_ERROR_WANT_READ) ? &fds : nullptr,
+                   (err == WOLFSSL_ERROR_WANT_WRITE) ? &fds : nullptr, nullptr, &tv);
+            continue;
+        }
+        return false;
+    }
+    return true;
+}
+
 /*
     platform specific stuff
 */
@@ -393,7 +424,7 @@ void TinyMITMProxy::handleClient(SOCKET clientSocket)
             {
                 if (tunnelMode)
                 {
-                    wolfSSL_write(remoteSSL.get(), buf, rd);
+                    if (!sslWriteAll(remoteSSL.get(), buf, rd, remoteGuard)) break;
                 }
                 else
                 {