diff options
author | Nick Zitzmann <nickzman@gmail.com> | 2013-03-03 22:11:10 -0700 |
---|---|---|
committer | Nick Zitzmann <nickzman@gmail.com> | 2013-03-03 22:11:10 -0700 |
commit | fadf33c78ac7bdfc6790350de9a0dfc8bcdb030b (patch) | |
tree | e88e40f154f742ed1740ff1e7d4df2732a725138 /lib/curl_darwinssl.c | |
parent | 298f806d01fa49d6b62fd3de591a2cb33f7d725b (diff) | |
download | curl-fadf33c78ac7bdfc6790350de9a0dfc8bcdb030b.tar.gz |
darwinssl: fix infinite loop if server disconnected abruptly
If the server hung up the connection without sending a closure alert,
then we'd keep probing the socket for data even though it's dead. Now
we're ready for this situation.
Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html
Reported by: Aki Koskinen
Diffstat (limited to 'lib/curl_darwinssl.c')
-rw-r--r-- | lib/curl_darwinssl.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c index 523370e6d..d18e28ef2 100644 --- a/lib/curl_darwinssl.c +++ b/lib/curl_darwinssl.c @@ -97,8 +97,8 @@ static OSStatus SocketRead(SSLConnectionRef connection, if(rrtn <= 0) { /* this is guesswork... */ theErr = errno; - if((rrtn == 0) && (theErr == 0)) { - /* try fix for iSync */ + if(rrtn == 0) { /* EOF = server hung up */ + /* the framework will turn this into errSSLClosedNoNotify */ rtn = errSSLClosedGraceful; } else /* do the switch */ @@ -966,6 +966,9 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex) "certificate did not match \"%s\"\n", conn->host.dispname); return CURLE_PEER_FAILED_VERIFICATION; + case errSSLConnectionRefused: + failf(data, "Server dropped the connection during the SSL handshake"); + return CURLE_SSL_CONNECT_ERROR; default: failf(data, "Unknown SSL protocol error in connection to %s:%d", conn->host.name, err); @@ -1502,7 +1505,12 @@ static ssize_t darwinssl_recv(struct connectdata *conn, return -1L; break; - case errSSLClosedGraceful: /* they're done; fail gracefully */ + /* errSSLClosedGraceful - server gracefully shut down the SSL session + errSSLClosedNoNotify - server hung up on us instead of sending a + closure alert notice, read() is returning 0 + Either way, inform the caller that the server disconnected. */ + case errSSLClosedGraceful: + case errSSLClosedNoNotify: *curlcode = CURLE_OK; return -1L; break; |