Detect EOF while reading in libssl

If we hit an EOF while reading in libssl then we will report an error back to the application (SSL_ERROR_SYSCALL) but errno will be 0. We add an error to the stack (which means we instead return SSL_ERROR_SSL) and therefore give a hint as to what went wrong. Contains a partial fix for #10880 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10907)
author: Matt Caswell <matt@openssl.org> 2020-01-17 17:39:19 +0000
committer: Matt Caswell <matt@openssl.org> 2020-02-04 14:39:29 +0000
commit: d924dbf4ae127c68463bcbece04b6e06abc58928 (patch)
tree: 465bacfdfae92f28ee84ae47fba82f4fb044f2fa /ssl/record
parent: 579422c85cf606c0ae1d4baf414010dc21da657a (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 0b9d18fd00..b4675f3c8c 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -300,6 +300,12 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
             ret = BIO_read(s->rbio, pkt + len + left, max - left);
             if (ret >= 0)
                 bioread = ret;
+            if (ret <= 0
+                    && !BIO_should_retry(s->rbio)
+                    && BIO_eof(s->rbio)) {
+                SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N,
+                         SSL_R_UNEXPECTED_EOF_WHILE_READING);
+            }
         } else {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N,
                      SSL_R_READ_BIO_NOT_SET);
author	Matt Caswell <matt@openssl.org>	2020-01-17 17:39:19 +0000
committer	Matt Caswell <matt@openssl.org>	2020-02-04 14:39:29 +0000
commit	d924dbf4ae127c68463bcbece04b6e06abc58928 (patch)
tree	465bacfdfae92f28ee84ae47fba82f4fb044f2fa /ssl/record
parent	579422c85cf606c0ae1d4baf414010dc21da657a (diff)