Type: bug report
OS: iOS (but may affect other platforms, mobile in particular)
OpenSSL versions: confirmed in 1.0.0.h and 1.0.1 Beta 3
Bug:
int BIO_sock_non_fatal_error(int err) in crypto/bio/bss_sock.c returns 1 for
ENOTCONN which causes SSL_read to return SSL_ERROR_WANT_READ. In at least some
cases, ENOTCONN is fatal. In those cases, the SSL_read caller (in my case,
libcurl), ends up calling SSL_read infinitely.
This occurs repeatably on iOS and possibly other mobile platforms which tend to
tear down socket connections if an app becomes inactive.
My workaround has been simply not to include ENOTCONN in the non-fatal codes.
This doesn't have any negative side effects in my testing but I'm not sure if
it might in general. I don't know enough whether ENOTCONN might be validly
returned before TCP handshaking has finished and if, in that case, if the flow
of SSL connection creation might go through this function. If that were the
case, it seems like it's going to take more significant refactoring to be able
to tell from connection context whether ENOTCONN is fatal or not.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org