summaryrefslogtreecommitdiff
path: root/src/lib/libc/string/ffs.c
diff options
context:
space:
mode:
authortb <>2022-01-25 14:51:54 +0000
committertb <>2022-01-25 14:51:54 +0000
commit06d4f8aab7ce5506a95bc3f39662c3884aeea837 (patch)
tree683f235762f0b56515db57db8fb805b022b9c1a2 /src/lib/libc/string/ffs.c
parent31ce901dd1f8921a091a4aa2937b9ab61d8d0940 (diff)
downloadopenbsd-06d4f8aab7ce5506a95bc3f39662c3884aeea837.tar.gz
openbsd-06d4f8aab7ce5506a95bc3f39662c3884aeea837.tar.bz2
openbsd-06d4f8aab7ce5506a95bc3f39662c3884aeea837.zip
Avoid an infinite loop in SSL_shutdown()
If the peer closed the write side of the connection and we have not yet received the close_notify, SSL_shutdown() makes an extra read to try and read the peer's close_notify from the pipe. In that situation, we receive EOF. The legacy stack will return -1 while the TLSv1.3 stack will end up returning 0. Since the documentation is not super explicit about what should be done if SSL_shutdown() returns 0, some applications will enter an infinite loop. The code and documentation indicate that SSL_shutdown() should only be called once more if it returned 0. Newer versions of the OpenSSL documentation explicitly say that one should call SSL_read() if SSL_shutdown() returns 0 in order to retrieve the close_notify. Doing this would also have avoided this infinite loop. Reported by Carsten Arzig and bluhm with a test case extracted from the syslogd tests using IO::Socket::SSL, which has such an infinite loop. ok bluhm jsing
Diffstat (limited to 'src/lib/libc/string/ffs.c')
0 files changed, 0 insertions, 0 deletions