[PATCH] winhttp: Handle TLS close notify in netconn_is_alive().
Paul Gofman
pgofman at codeweavers.com
Mon Nov 1 08:19:01 CDT 2021
Signed-off-by: Paul Gofman <pgofman at codeweavers.com>
---
Server may decide to close the connection that we have cached. In that case it may send
'Close notify' encrypted alert and then close the connection. Gnutls processes that
[1] and returns zero length record from gnutls_record_recv().
We currently check for EOF on socket in netconn_is_alive(). But in that case the socket
has 31 byte of data in the buffer while the socket is de facto closed already. read_ssl_chunk()
will process this message leaving the socket in the EOF state. If there is
some unrelated message it should stay in peek_msg buffer. read_ssl_chunk() should not
block on receiving the data as the socket is in the non blocking state.
1. https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/record.c#L881
dlls/winhttp/net.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index 8597179dc3e..3016608404a 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -616,11 +616,31 @@ DWORD netconn_set_timeout( struct netconn *netconn, BOOL send, int value )
BOOL netconn_is_alive( struct netconn *netconn )
{
+ SIZE_T size;
int len;
char b;
DWORD err;
+ BOOL eof;
set_blocking( netconn, FALSE );
+ if (netconn->secure)
+ {
+ while (!netconn->peek_msg && !(err = read_ssl_chunk( netconn, NULL, 0, &size, &eof )) && !eof)
+ ;
+
+ TRACE("Checking secure connection, err %d.\n", err);
+
+ if (netconn->peek_msg || err == WSAEWOULDBLOCK)
+ {
+ set_blocking( netconn, TRUE );
+ return TRUE;
+ }
+ if (err != SEC_E_OK && err != SEC_E_INCOMPLETE_MESSAGE)
+ {
+ set_blocking( netconn, TRUE );
+ return FALSE;
+ }
+ }
len = sock_recv( netconn->socket, &b, 1, MSG_PEEK );
err = WSAGetLastError();
set_blocking( netconn, TRUE );
--
2.31.1
More information about the wine-devel
mailing list