proper handling for openssl ZERO_RETURN error

2025-04-04 21:37:58 +03:00 · 2021-12-28 12:13:53 +06:00 · 2021-12-28 12:13:53 +06:00 · 7751e944f4
commit 7751e944f4
parent d23bb69fff
8 changed files with 21 additions and 7 deletions
--- a/ntex-service/CHANGES.md
+++ b/ntex-service/CHANGES.md
@ -1,6 +1,6 @@
 # Changes

-## [0.3.0] - 2021-12-xx
+## [0.3.0] - 2021-12-24

 * Service takes request type as a type parameter instead of an associated type

--- a/ntex-tls/CHANGES.md
+++ b/ntex-tls/CHANGES.md
@ -2,6 +2,10 @@

 ## [0.1.0-b.5] - 2021-12-28

+* Proper handling for openssl ZERO_RETURN error
+
+## [0.1.0-b.5] - 2021-12-28
+
 * Add query support for peer cert and peer cert chain

 ## [0.1.0-b.4] - 2021-12-27
--- a/ntex-tls/Cargo.toml
+++ b/ntex-tls/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "ntex-tls"
-version = "0.1.0-b.5"
+version = "0.1.0-b.6"
 authors = ["ntex contributors <team@ntex.rs>"]
 description = "An implementation of SSL streams for ntex backed by OpenSSL"
 keywords = ["network", "framework", "async", "futures"]
--- a/ntex-tls/src/openssl/mod.rs
+++ b/ntex-tls/src/openssl/mod.rs
@ -112,7 +112,9 @@ impl<F: Filter> Filter for SslFilter<F> {
            Ok(ssl::ShutdownResult::Received) => {
                self.inner.borrow().get_ref().inner.poll_shutdown()
            }
-            Err(ref e) if e.code() == ssl::ErrorCode::ZERO_RETURN => Poll::Ready(Ok(())),
+            Err(ref e) if e.code() == ssl::ErrorCode::ZERO_RETURN => {
+                self.inner.borrow().get_ref().inner.poll_shutdown()
+            }
            Err(ref e)
                if e.code() == ssl::ErrorCode::WANT_READ
                    || e.code() == ssl::ErrorCode::WANT_WRITE =>
@ -230,6 +232,10 @@ impl<F: Filter> Filter for SslFilter<F> {
                    }
                    Ok(new_bytes)
                }
+                Err(ref e) if e.code() == ssl::ErrorCode::ZERO_RETURN => {
+                    self.want_shutdown(None);
+                    Ok(new_bytes)
+                }
                Err(e) => Err(map_to_ioerr(e)),
            };
        }
@ -252,6 +258,10 @@ impl<F: Filter> Filter for SslFilter<F> {
                    }
                    return match e.code() {
                        ssl::ErrorCode::WANT_READ | ssl::ErrorCode::WANT_WRITE => Ok(()),
+                        ssl::ErrorCode::ZERO_RETURN => {
+                            self.want_shutdown(None);
+                            Ok(())
+                        }
                        _ => Err(map_to_ioerr(e)),
                    };
                }
--- a/ntex/CHANGES.md
+++ b/ntex/CHANGES.md
@ -1,6 +1,6 @@
 # Changes

-## [0.5.0-b.5] - 2021-12-xx
+## [0.5.0-b.5] - 2021-12-28

 * http: proper send payload, if request payload is not consumed

--- a/ntex/Cargo.toml
+++ b/ntex/Cargo.toml
@ -45,7 +45,7 @@ ntex-service = "0.3.0-b.0"
 ntex-macros = "0.1.3"
 ntex-util = "0.1.5"
 ntex-bytes = "0.1.8"
-ntex-tls = "0.1.0-b.5"
+ntex-tls = "0.1.0-b.6"
 ntex-io = "0.1.0-b.8"
 ntex-rt = { version = "0.4.0-b.2", default-features = false, features = ["tokio"] }

--- a/ntex/README.md
+++ b/ntex/README.md
@ -1,6 +1,6 @@
 <div align="center">
 <p><h1>ntex</h1> </p>
-  <p><strong>Framework for composable network services. This is personal project. This project uses *unsafe*!</strong> </p>
+  <p><strong>Framework for composable network services. This project uses *unsafe*!</strong> </p>
  <p>

 [![build status](https://github.com/ntex-rs/ntex/workflows/CI%20%28Linux%29/badge.svg?branch=master&event=push)](https://github.com/ntex-rs/ntex/actions?query=workflow%3A"CI+(Linux)") 
--- a/ntex/tests/connect.rs
+++ b/ntex/tests/connect.rs
@ -84,7 +84,7 @@ async fn test_openssl_read_before_error() {
    let io = conn.call(addr.into()).await.unwrap();
    let item = io.recv(&BytesCodec).await.unwrap().unwrap();
    assert_eq!(item, Bytes::from_static(b"test"));
-    assert!(io.recv(&BytesCodec).await.is_err());
+    assert!(io.recv(&BytesCodec).await.unwrap().is_none());
 }

 #[cfg(feature = "rustls")]