tls-socket: Handle sending fatal errors better

In particular as server, the previous code might cause it to hang in
recv() if this case wasn't triggered by a close notify (followed by a
shutdown of the socket) but it e.g. failed processing a ServerHello and
responded with a fatal alert.

Fixes: 09fbaad6bd71 ("tls-socket: Don't fail reading if sending data failed")
Tobias Brunner 2021-11-15 14:39:22 +01:00
parent 01485770fd
commit d95381ec7a

@ -193,11 +193,13 @@ static bool exchange(private_tls_socket_t *this, bool wr, bool block)
case SUCCESS:
return TRUE;
default:
if (wr)
{
return FALSE;
if (!wr && this->app.in_done > 0)
{ /* return data after proper termination via fatal close
* notify to which we responded with one */
this->eof = TRUE;
return TRUE;
}
break;
return FALSE;
}
break;
}
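
Review bot: The condition `!wr && this->app.in_done > 0` in the `default:` case does not check why the exchange failed, although its comment says the branch covers proper termination via a close notify. As written, any status that reaches `default:` on the read path with buffered application data sets `this->eof` and returns TRUE, so a caller cannot distinguish an orderly close from a connection aborted after partial data was received. Consider testing for the close-notify case explicitly, or rewording the comment to say that every read failure with pending data is reported as EOF and documenting what callers may assume about the completeness of the returned data.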