mirror of
https://github.com/moparisthebest/curl
synced 2025-01-08 12:28:06 -05:00
darwinssl: fix infinite loop if server disconnected abruptly
If the server hung up the connection without sending a closure alert, then we'd keep probing the socket for data even though it's dead. Now we're ready for this situation. Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html Reported by: Aki Koskinen
This commit is contained in:
parent
298f806d01
commit
fadf33c78a
@ -97,8 +97,8 @@ static OSStatus SocketRead(SSLConnectionRef connection,
|
|||||||
if(rrtn <= 0) {
|
if(rrtn <= 0) {
|
||||||
/* this is guesswork... */
|
/* this is guesswork... */
|
||||||
theErr = errno;
|
theErr = errno;
|
||||||
if((rrtn == 0) && (theErr == 0)) {
|
if(rrtn == 0) { /* EOF = server hung up */
|
||||||
/* try fix for iSync */
|
/* the framework will turn this into errSSLClosedNoNotify */
|
||||||
rtn = errSSLClosedGraceful;
|
rtn = errSSLClosedGraceful;
|
||||||
}
|
}
|
||||||
else /* do the switch */
|
else /* do the switch */
|
||||||
@ -966,6 +966,9 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex)
|
|||||||
"certificate did not match \"%s\"\n", conn->host.dispname);
|
"certificate did not match \"%s\"\n", conn->host.dispname);
|
||||||
return CURLE_PEER_FAILED_VERIFICATION;
|
return CURLE_PEER_FAILED_VERIFICATION;
|
||||||
|
|
||||||
|
case errSSLConnectionRefused:
|
||||||
|
failf(data, "Server dropped the connection during the SSL handshake");
|
||||||
|
return CURLE_SSL_CONNECT_ERROR;
|
||||||
default:
|
default:
|
||||||
failf(data, "Unknown SSL protocol error in connection to %s:%d",
|
failf(data, "Unknown SSL protocol error in connection to %s:%d",
|
||||||
conn->host.name, err);
|
conn->host.name, err);
|
||||||
@ -1502,7 +1505,12 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
|
|||||||
return -1L;
|
return -1L;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case errSSLClosedGraceful: /* they're done; fail gracefully */
|
/* errSSLClosedGraceful - server gracefully shut down the SSL session
|
||||||
|
errSSLClosedNoNotify - server hung up on us instead of sending a
|
||||||
|
closure alert notice, read() is returning 0
|
||||||
|
Either way, inform the caller that the server disconnected. */
|
||||||
|
case errSSLClosedGraceful:
|
||||||
|
case errSSLClosedNoNotify:
|
||||||
*curlcode = CURLE_OK;
|
*curlcode = CURLE_OK;
|
||||||
return -1L;
|
return -1L;
|
||||||
break;
|
break;
|
||||||
|
Loading…
Reference in New Issue
Block a user