mirror of https://github.com/electron/electron
50 lines
1.9 KiB
Diff
50 lines
1.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shelley Vohr <shelley.vohr@gmail.com>
|
|
Date: Tue, 6 Sep 2022 09:42:52 +0200
|
|
Subject: revert: track SSL_ERROR_ZERO_RETURN explicitly.
|
|
|
|
This reverts commit ebd8b8965c74ab06bb91f7a00b23822e1f1f26ca.
|
|
|
|
It is causing significant TLS failures in Node.js.
|
|
|
|
diff --git a/ssl/ssl_buffer.cc b/ssl/ssl_buffer.cc
|
|
index 2ca14efae5ea478f43794a81883b00dfdb1a37b0..d73055fbf39334925ef4b4804bbaca57c4a4d5d3 100644
|
|
--- a/ssl/ssl_buffer.cc
|
|
+++ b/ssl/ssl_buffer.cc
|
|
@@ -232,7 +232,6 @@ int ssl_handle_open_record(SSL *ssl, bool *out_retry, ssl_open_record_t ret,
|
|
return 1;
|
|
|
|
case ssl_open_record_close_notify:
|
|
- ssl->s3->rwstate = SSL_ERROR_ZERO_RETURN;
|
|
return 0;
|
|
|
|
case ssl_open_record_error:
|
|
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
|
|
index 98f97ebb28a06dfde00082922a1aff24f8aa154c..8ec11f0e839760ace90bd88e096ffbd17508e224 100644
|
|
--- a/ssl/ssl_lib.cc
|
|
+++ b/ssl/ssl_lib.cc
|
|
@@ -1334,7 +1334,7 @@ int SSL_get_error(const SSL *ssl, int ret_code) {
|
|
}
|
|
|
|
if (ret_code == 0) {
|
|
- if (ssl->s3->rwstate == SSL_ERROR_ZERO_RETURN) {
|
|
+ if (ssl->s3->read_shutdown == ssl_shutdown_close_notify) {
|
|
return SSL_ERROR_ZERO_RETURN;
|
|
}
|
|
// An EOF was observed which violates the protocol, and the underlying
|
|
@@ -2701,13 +2701,7 @@ void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx) {
|
|
return CRYPTO_get_ex_data(&ctx->ex_data, idx);
|
|
}
|
|
|
|
-int SSL_want(const SSL *ssl) {
|
|
- // Historically, OpenSSL did not track |SSL_ERROR_ZERO_RETURN| as an |rwstate|
|
|
- // value. We do, but map it back to |SSL_ERROR_NONE| to preserve the original
|
|
- // behavior.
|
|
- return ssl->s3->rwstate == SSL_ERROR_ZERO_RETURN ? SSL_ERROR_NONE
|
|
- : ssl->s3->rwstate;
|
|
-}
|
|
+int SSL_want(const SSL *ssl) { return ssl->s3->rwstate; }
|
|
|
|
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
|
|
RSA *(*cb)(SSL *ssl, int is_export,
|