Expose EOF without close-notify via tls_close().

Make tls_read(3)/tls_write(3) follow read(2)/write(2) like semantics and
return 0 on EOF with and without close-notify. However, if we saw an EOF
from the underlying file descriptors without getting a close-notify, save
this and make it visible when tls_close(3) is called. This keeps the
semantics we want, but makes it possible to detect truncation at higher
layers, if necessary.

ok beck@ guenther@

1 files changed, 3 insertions, 2 deletions

diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index d7878a75e3..320f1fbfaa 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.22 2015/09/13 10:32:46 beck Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.23 2015/09/14 12:29:16 jsing Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -62,7 +62,8 @@ struct tls_conninfo {
 #define TLS_SERVER              (1 << 1)
 #define TLS_SERVER_CONN         (1 << 2)
 
-#define TLS_HANDSHAKE_COMPLETE  (1 << 0)
+#define TLS_EOF_NO_CLOSE_NOTIFY (1 << 0)
+#define TLS_HANDSHAKE_COMPLETE  (1 << 1)
 
 struct tls {
         struct tls_config *config;