1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-08 12:28:06 -05:00

darwinssl: fix infinite loop if server disconnected abruptly

If the server hung up the connection without sending a closure alert,
then we'd keep probing the socket for data even though it's dead. Now
we're ready for this situation.

Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html
Reported by: Aki Koskinen
This commit is contained in:
Nick Zitzmann 2013-03-03 22:11:10 -07:00
parent 298f806d01
commit fadf33c78a

View File

@ -97,8 +97,8 @@ static OSStatus SocketRead(SSLConnectionRef connection,
if(rrtn <= 0) { if(rrtn <= 0) {
/* this is guesswork... */ /* this is guesswork... */
theErr = errno; theErr = errno;
if((rrtn == 0) && (theErr == 0)) { if(rrtn == 0) { /* EOF = server hung up */
/* try fix for iSync */ /* the framework will turn this into errSSLClosedNoNotify */
rtn = errSSLClosedGraceful; rtn = errSSLClosedGraceful;
} }
else /* do the switch */ else /* do the switch */
@ -966,6 +966,9 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex)
"certificate did not match \"%s\"\n", conn->host.dispname); "certificate did not match \"%s\"\n", conn->host.dispname);
return CURLE_PEER_FAILED_VERIFICATION; return CURLE_PEER_FAILED_VERIFICATION;
case errSSLConnectionRefused:
failf(data, "Server dropped the connection during the SSL handshake");
return CURLE_SSL_CONNECT_ERROR;
default: default:
failf(data, "Unknown SSL protocol error in connection to %s:%d", failf(data, "Unknown SSL protocol error in connection to %s:%d",
conn->host.name, err); conn->host.name, err);
@ -1502,7 +1505,12 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
return -1L; return -1L;
break; break;
case errSSLClosedGraceful: /* they're done; fail gracefully */ /* errSSLClosedGraceful - server gracefully shut down the SSL session
errSSLClosedNoNotify - server hung up on us instead of sending a
closure alert notice, read() is returning 0
Either way, inform the caller that the server disconnected. */
case errSSLClosedGraceful:
case errSSLClosedNoNotify:
*curlcode = CURLE_OK; *curlcode = CURLE_OK;
return -1L; return -1L;
break; break;