Return SSL_ERROR_SYSCALL on unclean EOF.

davidben · agl · commit 9a38e924aafa · 2015-01-22T22:01:35.000Z
This regressed in fcf2583. 0 return code on unclean shutdown means the underlying BIO returned EOF, didn't push any error code, but we haven't seen close_notify yet. The intent seems to be that you go check errno or some BIO-specific equivalent if you care about close_notify. Make sure test code routes all SSL_read return codes through SSL_get_error since that's supposed to work in all cases. (Note that rv == 0 can still give SSL_ERROR_SSL if the error queue is not empty.) Change-Id: I45bf9614573f876d93419ce169a4e0d9ceea9052 Reviewed-on: https://boringssl-review.googlesource.com/2981 Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
@@ -2251,13 +2251,18 @@ int SSL_get_error(const SSL *s, int i) {
     return SSL_ERROR_SSL;
   }
 
-  if (i == 0 && (s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-      (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) {
-    return SSL_ERROR_ZERO_RETURN;
+  if (i == 0) {
+    if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+        (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) {
+      /* The socket was cleanly shut down with a close_notify. */
+      return SSL_ERROR_ZERO_RETURN;
+    }
+    /* An EOF was observed which violates the protocol, and the underlying
+     * transport does not participate in the error queue. Bubble up to the
+     * caller. */
+    return SSL_ERROR_SYSCALL;
   }
 
-  assert(i < 0);
-
   if (SSL_want_session(s)) {
     return SSL_ERROR_PENDING_SESSION;
   }
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
@@ -656,25 +656,41 @@ static int do_exchange(SSL_SESSION **out_session,
       do {
         n = SSL_read(ssl, buf, sizeof(buf));
       } while (config->async && retry_async(ssl, n, bio));
-      if (n < 0) {
+      int err = SSL_get_error(ssl, n);
+      if (err == SSL_ERROR_ZERO_RETURN ||
+          (n == 0 && err == SSL_ERROR_SYSCALL)) {
+        if (n != 0) {
+          fprintf(stderr, "Invalid SSL_get_error output\n");
+          return 3;
+        }
+        /* Accept shutdowns with or without close_notify.
+         * TODO(davidben): Write tests which distinguish these two cases. */
+        break;
+      } else if (err != SSL_ERROR_NONE) {
+        if (n > 0) {
+          fprintf(stderr, "Invalid SSL_get_error output\n");
+          return 3;
+        }
         SSL_free(ssl);
         BIO_print_errors_fp(stdout);
         return 3;
-      } else if (n == 0) {
-        break;
-      } else {
-        for (int i = 0; i < n; i++) {
-          buf[i] ^= 0xff;
-        }
-        int w;
-        do {
-          w = SSL_write(ssl, buf, n);
-        } while (config->async && retry_async(ssl, w, bio));
-        if (w != n) {
-          SSL_free(ssl);
-          BIO_print_errors_fp(stdout);
-          return 4;
-        }
+      }
+      /* Successfully read data. */
+      if (n <= 0) {
+        fprintf(stderr, "Invalid SSL_get_error output\n");
+        return 3;
+      }
+      for (int i = 0; i < n; i++) {
+        buf[i] ^= 0xff;
+      }
+      int w;
+      do {
+        w = SSL_write(ssl, buf, n);
+      } while (config->async && retry_async(ssl, w, bio));
+      if (w != n) {
+        SSL_free(ssl);
+        BIO_print_errors_fp(stdout);
+        return 4;
       }
     }
   }
