41 lines
1.8 KiB
Diff
41 lines
1.8 KiB
Diff
From a57ebca127a49869296ee2790e28eb37fdd20488 Mon Sep 17 00:00:00 2001
|
|
From: Robbie Harwood <rharwood@redhat.com>
|
|
Date: Wed, 19 May 2021 19:33:34 -0400
|
|
Subject: [PATCH] Handle SSL_read changed behavior on server hangup
|
|
|
|
(cherry picked from commit 948e3c5b89fcfdb64ea5af177c7e30a6ce8a477b)
|
|
---
|
|
src/include/k5-trace.h | 2 --
|
|
src/lib/krb5/os/sendto_kdc.c | 5 +++--
|
|
2 files changed, 3 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h
|
|
index 79b5a7a85..7bd385d68 100644
|
|
--- a/src/include/k5-trace.h
|
|
+++ b/src/include/k5-trace.h
|
|
@@ -395,8 +395,6 @@ void krb5int_trace(krb5_context context, const char *fmt, ...);
|
|
TRACE(c, "Received answer ({int} bytes) from {raddr}", len, raddr)
|
|
#define TRACE_SENDTO_KDC_HTTPS_ERROR_CONNECT(c, raddr) \
|
|
TRACE(c, "HTTPS error connecting to {raddr}", raddr)
|
|
-#define TRACE_SENDTO_KDC_HTTPS_ERROR_RECV(c, raddr) \
|
|
- TRACE(c, "HTTPS error receiving from {raddr}", raddr)
|
|
#define TRACE_SENDTO_KDC_HTTPS_ERROR_SEND(c, raddr) \
|
|
TRACE(c, "HTTPS error sending to {raddr}", raddr)
|
|
#define TRACE_SENDTO_KDC_HTTPS_SEND(c, raddr) \
|
|
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
|
|
index 0eedec175..e874130d9 100644
|
|
--- a/src/lib/krb5/os/sendto_kdc.c
|
|
+++ b/src/lib/krb5/os/sendto_kdc.c
|
|
@@ -1320,8 +1320,9 @@ https_read_bytes(krb5_context context, struct conn_state *conn,
|
|
} else if (st == WANT_WRITE) {
|
|
cm_write(selstate, conn->fd);
|
|
} else if (st == ERROR_TLS) {
|
|
- TRACE_SENDTO_KDC_HTTPS_ERROR_RECV(context, &conn->addr);
|
|
- kill_conn(context, conn, selstate);
|
|
+ /* In OpenSSL 3, a server hangup is a TLS error. Rely on our decoder
|
|
+ * to handle this instead. */
|
|
+ return TRUE;
|
|
}
|
|
return FALSE;
|
|
}
|