Document SSL_R_UNEXPECTED_EOF_WHILE_READING

Also document that it is ok to use this for control flow decisions.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23327)

(cherry picked from commit b7275c5e5c1c7b025bf2eb74fd1344b6abe48c06)

2 files changed, 7 insertions, 1 deletions

diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod
index a90b22d984..e60902a85c 100644
--- a/doc/man3/SSL_get_error.pod
+++ b/doc/man3/SSL_get_error.pod
@@ -32,7 +32,9 @@ Some TLS implementations do not send a close_notify alert on shutdown.
 On an unexpected EOF, versions before OpenSSL 3.0 returned
 B<SSL_ERROR_SYSCALL>, nothing was added to the error stack, and errno was 0.
 Since OpenSSL 3.0 the returned error is B<SSL_ERROR_SSL> with a meaningful
-error on the error stack.
+error on the error stack (SSL_R_UNEXPECTED_EOF_WHILE_READING). This error reason
+code may be used for control flow decisions (see the man page for
+L<ERR_GET_REASON(3)> for further details on this).
 
 =head1 RETURN VALUES
 
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 3baf820761..b3be80e341 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -300,6 +300,10 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
                     SSL_set_shutdown(s, SSL_RECEIVED_SHUTDOWN);
                     s->s3.warn_alert = SSL_AD_CLOSE_NOTIFY;
                 } else {
+                    /*
+                     * This reason code is part of the API and may be used by
+                     * applications for control flow decisions.
+                     */
                     SSLfatal(s, SSL_AD_DECODE_ERROR,
                              SSL_R_UNEXPECTED_EOF_WHILE_READING);
                 }