diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-05-05 16:20:42 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-05-19 19:04:11 +0300 |
commit | 09b90e0ed7915809fcd4ee1e250d881b77d06d45 (patch) | |
tree | 897a351d8f49b6f575bf54bba4dd486b00ad31f7 /ssl/record | |
parent | fb420afc878fa38a5d8cf22e25cf7d438d39987a (diff) |
Introducing option SSL_OP_IGNORE_UNEXPECTED_EOF
Partially fixes #11209.
Before OpenSSL 3.0 in case when peer does not send close_notify,
the behaviour was to set SSL_ERROR_SYSCALL error with errno 0.
This behaviour has changed. The SSL_OP_IGNORE_UNEXPECTED_EOF restores
the old behaviour for compatibility's sake.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11735)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/rec_layer_s3.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index bceac72051..b1dcd517e2 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -303,8 +303,13 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold, if (ret <= 0 && !BIO_should_retry(s->rbio) && BIO_eof(s->rbio)) { - SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N, - SSL_R_UNEXPECTED_EOF_WHILE_READING); + if (s->options & SSL_OP_IGNORE_UNEXPECTED_EOF) { + SSL_set_shutdown(s, SSL_RECEIVED_SHUTDOWN); + s->s3.warn_alert = SSL_AD_CLOSE_NOTIFY; + } else { + SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N, + SSL_R_UNEXPECTED_EOF_WHILE_READING); + } } } else { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N, |