diff options
| -rw-r--r-- | crypto/tlssession.c | 7 | ||||
| -rw-r--r-- | include/crypto/tlssession.h | 10 | ||||
| -rw-r--r-- | io/channel-tls.c | 21 |
3 files changed, 24 insertions, 14 deletions
diff --git a/crypto/tlssession.c b/crypto/tlssession.c index 86d407a142..ac38c2121d 100644 --- a/crypto/tlssession.c +++ b/crypto/tlssession.c @@ -552,7 +552,6 @@ ssize_t qcrypto_tls_session_read(QCryptoTLSSession *session, char *buf, size_t len, - bool gracefulTermination, Error **errp) { ssize_t ret; @@ -570,9 +569,8 @@ qcrypto_tls_session_read(QCryptoTLSSession *session, if (ret < 0) { if (ret == GNUTLS_E_AGAIN) { return QCRYPTO_TLS_SESSION_ERR_BLOCK; - } else if ((ret == GNUTLS_E_PREMATURE_TERMINATION) && - gracefulTermination){ - return 0; + } else if (ret == GNUTLS_E_PREMATURE_TERMINATION) { + return QCRYPTO_TLS_SESSION_PREMATURE_TERMINATION; } else { if (session->rerr) { error_propagate(errp, session->rerr); @@ -789,7 +787,6 @@ ssize_t qcrypto_tls_session_read(QCryptoTLSSession *sess, char *buf, size_t len, - bool gracefulTermination, Error **errp) { error_setg(errp, "TLS requires GNUTLS support"); diff --git a/include/crypto/tlssession.h b/include/crypto/tlssession.h index 2f62ce2d67..2e9fe11cf6 100644 --- a/include/crypto/tlssession.h +++ b/include/crypto/tlssession.h @@ -110,6 +110,7 @@ typedef struct QCryptoTLSSession QCryptoTLSSession; #define QCRYPTO_TLS_SESSION_ERR_BLOCK -2 +#define QCRYPTO_TLS_SESSION_PREMATURE_TERMINATION -3 /** * qcrypto_tls_session_new: @@ -259,7 +260,6 @@ ssize_t qcrypto_tls_session_write(QCryptoTLSSession *sess, * @sess: the TLS session object * @buf: to fill with plain text received * @len: the length of @buf - * @gracefulTermination: treat premature termination as graceful EOF * @errp: pointer to hold returned error object * * Receive up to @len bytes of data from the remote peer @@ -267,22 +267,18 @@ ssize_t qcrypto_tls_session_write(QCryptoTLSSession *sess, * qcrypto_tls_session_set_callbacks(), decrypt it and * store it in @buf. * - * If @gracefulTermination is true, then a premature termination - * of the TLS session will be treated as indicating EOF, as - * opposed to an error. - * * It is an error to call this before * qcrypto_tls_session_handshake() returns * QCRYPTO_TLS_HANDSHAKE_COMPLETE * * Returns: the number of bytes received, * or QCRYPTO_TLS_SESSION_ERR_BLOCK if the receive would block, - * or -1 on error. + * or QCRYPTO_TLS_SESSION_PREMATURE_TERMINATION if a premature termination + * is detected, or -1 on error. */ ssize_t qcrypto_tls_session_read(QCryptoTLSSession *sess, char *buf, size_t len, - bool gracefulTermination, Error **errp); /** diff --git a/io/channel-tls.c b/io/channel-tls.c index 7135896f79..1fbed4be0c 100644 --- a/io/channel-tls.c +++ b/io/channel-tls.c @@ -346,6 +346,19 @@ static void qio_channel_tls_finalize(Object *obj) qcrypto_tls_session_free(ioc->session); } +static bool +qio_channel_tls_allow_premature_termination(QIOChannelTLS *tioc, int flags) +{ + if (flags & QIO_CHANNEL_READ_FLAG_RELAXED_EOF) { + return true; + } + + if (qatomic_read(&tioc->shutdown) & QIO_CHANNEL_SHUTDOWN_READ) { + return true; + } + + return false; +} static ssize_t qio_channel_tls_readv(QIOChannel *ioc, const struct iovec *iov, @@ -364,8 +377,6 @@ static ssize_t qio_channel_tls_readv(QIOChannel *ioc, tioc->session, iov[i].iov_base, iov[i].iov_len, - flags & QIO_CHANNEL_READ_FLAG_RELAXED_EOF || - qatomic_load_acquire(&tioc->shutdown) & QIO_CHANNEL_SHUTDOWN_READ, errp); if (ret == QCRYPTO_TLS_SESSION_ERR_BLOCK) { if (got) { @@ -373,6 +384,12 @@ static ssize_t qio_channel_tls_readv(QIOChannel *ioc, } else { return QIO_CHANNEL_ERR_BLOCK; } + } else if (ret == QCRYPTO_TLS_SESSION_PREMATURE_TERMINATION) { + if (qio_channel_tls_allow_premature_termination(tioc, flags)) { + ret = 0; + } else { + return -1; + } } else if (ret < 0) { return -1; } |