chicken-users

openssl patch


From: Harley Swick
Subject: openssl patch
Date: Tue, 01 Dec 2020 22:13:02 GMT

Hi there,

I've attached a small patch for the openssl egg that adds another error status.

This status is 'ssl-eof when the error is SSL_ERR_SYSCALL but the return code 
is zero.

According to the OpenSSL docs[1] under the BUGS section:

> The SSL_ERROR_SYSCALL with errno value of 0 indicates unexpected EOF from the
> peer. This will be properly reported as SSL_ERROR_SSL with reason code
> SSL_R_UNEXPECTED_EOF_WHILE_READING in the OpenSSL 3.0 release because it is
> truly a TLS protocol error to terminate the connection without a
> SSL_shutdown().
>
> The issue is kept unfixed in OpenSSL 1.1.1 releases because many applications
> which choose to ignore this protocol error depend on the existing way of
> reporting the error.

Basically this gives the user the option to treat it as an #!eof instead of
a fatal error.

I've been running into this issue while building a Gemini[2] client where there
are a plethora of servers written by hobbyists. Also, the protocol does not have
a Content-Length header, which means I can't avoid this issue by simply not
reading past the end.

- Harley 

[1] https://www.openssl.org/docs/man1.1.1/man3/SSL_get_error.html
[2] https://gemini.circumlunar.space/docs/specification.html

Attachment: add_ssl_eof.diff
Description: Text document
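
The distinction the message describes, written out as an added C example (not taken from the attached patch or from the openssl egg): a clean close_notify, the unexpected EOF as OpenSSL 1.1.1 and 3.0 each report it, and a real I/O failure are kept apart while draining a body that has no length header. The status names, the `read_result` struct and the scripted reads are hypothetical; the `SSL_ERROR_*` values are repeated from OpenSSL's header so the code builds without the library, and the errno test follows the documentation quoted above.

```c
#include <stdio.h>
#include <string.h>
/* Values as defined in <openssl/ssl.h>, repeated so this builds without OpenSSL. */
enum { SSL_ERROR_SSL = 1, SSL_ERROR_WANT_READ = 2, SSL_ERROR_WANT_WRITE = 3,
       SSL_ERROR_SYSCALL = 5, SSL_ERROR_ZERO_RETURN = 6 };
/* Hypothetical status names for this example. */
typedef enum { RD_DATA, RD_RETRY, RD_EOF_CLEAN, RD_EOF_RAGGED, RD_FATAL } rd_status;
/* What a caller knows after one SSL_read(): return value, SSL_get_error() code,
   errno, and whether the queued reason is SSL_R_UNEXPECTED_EOF_WHILE_READING. */
typedef struct { int ret, ssl_err, sys_errno, unexpected_eof; const char *data; } read_result;

rd_status classify(const read_result *r) {
    if (r->ret > 0) return RD_DATA;
    switch (r->ssl_err) {
    case SSL_ERROR_WANT_READ:
    case SSL_ERROR_WANT_WRITE:  return RD_RETRY;
    case SSL_ERROR_ZERO_RETURN: return RD_EOF_CLEAN;  /* peer sent close_notify */
    case SSL_ERROR_SYSCALL:     /* 1.1.1: errno 0 means EOF without close_notify */
        return r->sys_errno == 0 ? RD_EOF_RAGGED : RD_FATAL;
    case SSL_ERROR_SSL:         /* 3.0 reports the same event under this code */
        return r->unexpected_eof ? RD_EOF_RAGGED : RD_FATAL;
    default:                    return RD_FATAL;
    }
}

/* Collect a body with no length header from a scripted series of reads. On
   RD_EOF_RAGGED the bytes are kept, but the body may have been cut short. */
rd_status drain(const read_result *s, size_t n, char *buf, size_t cap, size_t *len) {
    *len = 0;
    for (size_t i = 0; i < n; i++) {
        rd_status st = classify(&s[i]);
        if (st == RD_RETRY) continue;
        if (st != RD_DATA) return st;
        if ((size_t)s[i].ret > cap - *len) return RD_FATAL;  /* would overflow buf */
        memcpy(buf + *len, s[i].data, (size_t)s[i].ret);
        *len += (size_t)s[i].ret;
    }
    return RD_FATAL;  /* script ended without an end-of-stream result */
}

int main(void) {
    /* Constructed sample: response written, then the socket dropped (1.1.1 view). */
    const read_result script[] = { { 16, 0, 0, 0, "20 text/gemini\r\n" },
        { -1, SSL_ERROR_WANT_READ, 0, 0, NULL }, { 5, 0, 0, 0, "# hi\n" },
        { 0, SSL_ERROR_SYSCALL, 0, 0, NULL } };
    char buf[64]; size_t len;
    rd_status st = drain(script, 4, buf, sizeof buf, &len);
    printf("%zu bytes, %s\n", len, st == RD_EOF_RAGGED ? "possibly truncated" : "other");
    return 0;
}
```

Keeping `RD_EOF_RAGGED` separate from `RD_EOF_CLEAN` lets a client accept the data from a server that skips SSL_shutdown() while still recording that the end of the body was not authenticated by the peer.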

