summaryrefslogtreecommitdiffstats
path: root/net/socket
diff options
context:
space:
mode:
Diffstat (limited to 'net/socket')
-rw-r--r--net/socket/ssl_client_socket_mac.cc16
-rw-r--r--net/socket/ssl_client_socket_win.cc4
2 files changed, 12 insertions, 8 deletions
diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc
index 6061dde..dd56e35 100644
--- a/net/socket/ssl_client_socket_mac.cc
+++ b/net/socket/ssl_client_socket_mac.cc
@@ -538,7 +538,7 @@ void SSLClientSocketMac::OnWriteComplete(int result) {
}
int SSLClientSocketMac::DoPayloadRead() {
- size_t processed;
+ size_t processed = 0;
OSStatus status = SSLRead(ssl_context_,
user_buf_->data(),
user_buf_len_,
@@ -550,20 +550,24 @@ int SSLClientSocketMac::DoPayloadRead() {
// along with partial data). So even though "would block" is returned, if we
// have data, let's just return it.
- if (processed > 0) {
- next_state_ = STATE_NONE;
+ if (processed > 0)
return processed;
+
+ if (status == errSSLClosedNoNotify) {
+ // TODO(wtc): Unless we have received the close_notify alert, we need to
+ // return an error code indicating that the SSL connection ended
+ // uncleanly, a potential truncation attack. See http://crbug.com/18586.
+ return OK;
}
- if (status == errSSLWouldBlock) {
+ if (status == errSSLWouldBlock)
next_state_ = STATE_PAYLOAD_READ;
- }
return NetErrorFromOSStatus(status);
}
int SSLClientSocketMac::DoPayloadWrite() {
- size_t processed;
+ size_t processed = 0;
OSStatus status = SSLWrite(ssl_context_,
user_buf_->data(),
user_buf_len_,
diff --git a/net/socket/ssl_client_socket_win.cc b/net/socket/ssl_client_socket_win.cc
index 86412d5..fba04ea 100644
--- a/net/socket/ssl_client_socket_win.cc
+++ b/net/socket/ssl_client_socket_win.cc
@@ -928,9 +928,9 @@ int SSLClientSocketWin::DoPayloadReadComplete(int result) {
if (result == 0 && !ignore_ok_result_) {
// TODO(wtc): Unless we have received the close_notify alert, we need to
// return an error code indicating that the SSL connection ended
- // uncleanly, a potential truncation attack.
+ // uncleanly, a potential truncation attack. See http://crbug.com/18586.
if (bytes_received_ != 0)
- return ERR_FAILED;
+ return ERR_SSL_PROTOCOL_ERROR;
return OK;
}
generated by cgit v1.1 at 2024-12-26 14:54:04 +0000