diff options
author | Jacob Hoffman-Andrews <github@hoffman-andrews.com> | 2021-03-17 21:27:12 -0700 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-03-21 00:16:27 +0100 |
commit | 7488ef296015f3a1b90f9743903221e154d339cf (patch) | |
tree | c73a8480f3e088fa1cc239d38501594375d4dac5 | |
parent | 472b537215984cd0d153055a0cd6b3ccc2f387e5 (diff) | |
download | curl-7488ef296015f3a1b90f9743903221e154d339cf.tar.gz |
rustls: Handle close_notify.
If we get a close_notify, treat that as EOF. If we get an EOF from the
TCP stream, treat that as an error (because we should have ended the
connection earlier, when we got a close_notify).
Closes #6763
-rw-r--r-- | lib/vtls/rustls.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 3b7bc3afb..e4f589de5 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -112,7 +112,7 @@ cr_recv(struct Curl_easy *data, int sockindex, tls_bytes_read = sread(sockfd, backend->tlsbuf, TLSBUF_SIZE); if(tls_bytes_read == 0) { - failf(data, "EOF in sread"); + failf(data, "connection closed without TLS close_notify alert"); *err = CURLE_READ_ERROR; return -1; } @@ -163,7 +163,11 @@ cr_recv(struct Curl_easy *data, int sockindex, (uint8_t *)plainbuf + plain_bytes_copied, plainlen - plain_bytes_copied, &n); - if(rresult != RUSTLS_RESULT_OK) { + if(rresult == RUSTLS_RESULT_ALERT_CLOSE_NOTIFY) { + *err = CURLE_OK; + return 0; + } + else if(rresult != RUSTLS_RESULT_OK) { failf(data, "error in rustls_client_session_read"); *err = CURLE_READ_ERROR; return -1; |