diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2016-11-30 20:37:10 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-11-30 20:53:04 +0900 |
| commit | a4e49eee7b129d438aa9f8b996bfd22aa670a2d4 (patch) | |
| tree | aa76f91daaf718517cc24c3ebf2b9b730d1bed84 /ext/openssl | |
| parent | 29a2ba8efc0c7bc9e1a6f29d8e9c8f0f25924ed5 (diff) | |
| download | ruby-openssl-a4e49eee7b129d438aa9f8b996bfd22aa670a2d4.tar.gz | |
ssl: follow-up for the workaround for OpenSSL 1.1.0c's SSL_read()
Remove the comment added by commit 072d53ecf984 ("ssl: workaround for
new behavior of SSL_read() in OpenSSL >= 1.1.0c"). The breaking change
in OpenSSL 1.1.0c has been reverted in the 1.1.0 branch. However, for
the sake of safety, ensure that we never call rb_sys_fail() with
errno == 0. So there is no change in the actual code.
Diffstat (limited to 'ext/openssl')
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 26bce570..609ffdc6 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1710,16 +1710,16 @@ ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock) continue; case SSL_ERROR_SYSCALL: if (!ERR_peek_error()) { - /* - * XXX: OpenSSL commit 4880672a9b41 (backported to 1.1.0c) - * changed SSL_read() to return -1 on unexpected EOF because - * it's not retryable, contrary to the manpage. - * Remove this comment (and maybe fix the condition) when - * the manpage or the implementation is fixed. - */ if (errno) rb_sys_fail(0); else { + /* + * The underlying BIO returned 0. This is actually a + * protocol error. But unfortunately, not all + * implementations cleanly shutdown the TLS connection + * but just shutdown/close the TCP connection. So report + * EOF for now... + */ if (no_exception_p(opts)) { return Qnil; } rb_eof_error(); } |