Overview

File neon-openssl3-truncation.patch of Package neon

From 1c36f97d784ffe0efa65a2b9aa143662d4f8a457 Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@redhat.com>
Date: Wed, 4 Aug 2021 16:20:04 +0100
Subject: [PATCH] * src/ne_socket.c (error_ossl): Handle OpenSSL 3 truncation
 error   the same as for pre-3.

---
 src/ne_socket.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/ne_socket.c b/src/ne_socket.c
index fe69b8f..7332061 100644
--- a/src/ne_socket.c
+++ b/src/ne_socket.c
@@ -684,6 +684,25 @@ static int error_ossl(ne_socket *sock, int sret)
     
     /* for all other errors, look at the OpenSSL error stack */
     err = ERR_get_error();
+    NE_DEBUG(NE_DBG_SSL, "ssl: Got OpenSSL error stack %lu\n", err);
+
+    if (ERR_GET_LIB(err) == ERR_LIB_SSL) {
+	int reason = ERR_GET_REASON(err);
+
+#ifdef SSL_R_UNEXPECTED_EOF_WHILE_READING
+        /* OpenSSL 3 signals truncation this way. */
+	if (reason == SSL_R_UNEXPECTED_EOF_WHILE_READING) {
+	    set_error(sock, _("Secure connection truncated"));
+	    return NE_SOCK_TRUNC;
+	}
+        else
+#endif
+	if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN) {
+	    set_error(sock, _("Secure connection reset"));
+	    return NE_SOCK_RESET;
+	}
+    }
+
     if (err == 0) {
         /* Empty error stack, presume this is a system call error: */
         if (sret == 0) {
-- 
2.43.0
openSUSE Build Service is sponsored by
Places