From 72622c0b9637667cfef3692e5a63b90d637f0c72 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 18 Aug 2023 15:57:41 +0100
Subject: Handle the case where the read buffer is empty but we have received
 FIN

In some cases where a FIN has been received but with no data quic_read_actual
was failing to raise SSL_ERROR_ZERO_RETURN. This meant that we could end up
blocking in SSL_read(_ex) for too long.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21780)
---
 ssl/quic/quic_impl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index cf6233fc5b..b0d613299f 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2237,6 +2237,9 @@ static int quic_read_actual(QCTX *ctx,
                                               stream);
     }
 
+    if (*bytes_read == 0 && is_fin)
+        return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
+
     return 1;
 }
 
-- 
cgit v1.2.3