From a09b907e88e54dc0476432cae192084e3d0a1312 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sun, 13 Sep 2015 15:39:15 +0000
Subject: work around the stupid semantics of SSL_read and SSL_write to make
 sure we can indicate an EOF properly on tls_read and tls_write ok jsing@

---
 src/lib/libtls/tls.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index 4f89a40be4..3012ea62a6 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.28 2015/09/13 13:44:07 beck Exp $ */
+/* $OpenBSD: tls.c,v 1.29 2015/09/13 15:39:15 beck Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -416,7 +416,7 @@ tls_read(struct tls *ctx, void *buf, size_t buflen)
 	}
 
 	ERR_clear_error();
-	if ((ssl_ret = SSL_read(ctx->ssl_conn, buf, buflen)) > 0) {
+	if ((ssl_ret = SSL_read(ctx->ssl_conn, buf, buflen)) >= 0) {
 		rv = (ssize_t)ssl_ret;
 		goto out;
 	}
@@ -445,7 +445,7 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen)
 	}
 
 	ERR_clear_error();
-	if ((ssl_ret = SSL_write(ctx->ssl_conn, buf, buflen)) > 0) {
+	if ((ssl_ret = SSL_write(ctx->ssl_conn, buf, buflen)) >= 0) {
 		rv = (ssize_t)ssl_ret;
 		goto out;
 	}
-- 
cgit v1.2.3-55-g6feb