SSL_read() doesn't distinguish between return value 0 and <0,
at least not for OpenSSL 1.1.1. This is documented in the man page for SSL_read and let to h2 failures when using OpenSSL 1.1.1. When no data could be read, our code returned EAGAIN up until OpenSSL 1.1.0, but APR_EOF for OpenSSL 1.1.1. Now instead check SSL_get_error() also when SSL_read() returns 0. To keep changes small, this change should not influence behavior, when (rc=SSL_read()): - rc < 0 - rc == 0 && *len > 0 - rc == 0 && (APR_STATUS_IS_EAGAIN(inctx->rc) || APR_STATUS_IS_EINTR(inctx->rc) && inctx->block == APR_NONBLOCK_READ Behavior changes if - rc == 0 && !(APR_STATUS_IS_EAGAIN(inctx->rc) || APR_STATUS_IS_EINTR(inctx->rc) && !*len > 0 Instead of APR_EOF: - same behavior as rc < 0 for SSL_ERROR_WANT_READ - same behavior as rc < 0 for SSL_ERROR_SYSCALL && APR_STATUS_IS_EAGAIN(inctx->rc) Another change is that rc == 0 && ssl_err == SSL_ERROR_ZERO_RETURN also results in APR_EOF. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1843954 13f79535-47bb-0310-9956-ffa450edef68
Please register or sign in to comment