From 057a5294a33ac9d199deb27d10809243a91864a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnter=20Obiltschnig?=
Date: Sat, 22 Mar 2025 18:58:08 +0100
Subject: [PATCH] fix(NetSSL): NetSSL_OpenSSL: non-blocking functions return value #4906
---
 .../include/Poco/Net/SecureStreamSocket.h | 5 ++-
 NetSSL_OpenSSL/src/SecureSocketImpl.cpp | 7 +++-
 .../include/Poco/Net/SecureSocketImpl.h | 1 +
 .../include/Poco/Net/SecureStreamSocket.h | 5 ++-
 NetSSL_Win/src/SecureSocketImpl.cpp | 40 +++++++++++++++----
 5 files changed, 44 insertions(+), 14 deletions(-)
diff --git a/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocket.h b/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocket.h
index e013f88a7..4cafb482d 100644
--- a/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocket.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocket.h
@@ -53,8 +53,9 @@ class NetSSL_API SecureStreamSocket: public StreamSocket
 public:
 enum
 {
- ERR_SSL_WANT_READ = -1,
- ERR_SSL_WANT_WRITE = -2
+ ERR_SSL_WOULD_BLOCK = -1,
+ ERR_SSL_WANT_READ = -2,
+ ERR_SSL_WANT_WRITE = -3
 };
 SecureStreamSocket();
diff --git a/NetSSL_OpenSSL/src/SecureSocketImpl.cpp b/NetSSL_OpenSSL/src/SecureSocketImpl.cpp
index 87d736cad..e105f5cad 100644
--- a/NetSSL_OpenSSL/src/SecureSocketImpl.cpp
+++ b/NetSSL_OpenSSL/src/SecureSocketImpl.cpp
@@ -267,7 +267,7 @@ int SecureSocketImpl::shutdown()
 if (rc < 0)
 {
 if (SocketImpl::lastError() == POCO_EWOULDBLOCK)
- rc = SecureStreamSocket::ERR_SSL_WANT_WRITE;
+ rc = SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 else
 rc = handleError(rc);
 }
@@ -554,7 +554,10 @@ int SecureSocketImpl::handleError(int rc)
 case SSL_ERROR_SYSCALL:
 if (socketError)
 {
- SocketImpl::error(socketError);
+ if (socketError == POCO_EWOULDBLOCK)
+ return SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
+ else
+ SocketImpl::error(socketError);
 }
 // fallthrough
 default:
diff --git a/NetSSL_Win/include/Poco/Net/SecureSocketImpl.h b/NetSSL_Win/include/Poco/Net/SecureSocketImpl.h
index 268ab2fe6..cd0de1f02 100644
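Review bot: Renumbering `ERR_SSL_WANT_READ` (-1 to -2) and `ERR_SSL_WANT_WRITE` (-2 to -3) in the first hunk changes constants that are compiled into every caller, so a binary built against the old header, or code that compares the result with a literal, will wait on the wrong socket direction or treat a retryable result as something else. Nothing in the enum records this; a comment above it such as `// Values changed when ERR_SSL_WOULD_BLOCK was introduced; compare against the names, never the numbers.` would warn integrators. If -1 is not required for the would-block case, appending `ERR_SSL_WOULD_BLOCK = -3` instead would keep the two existing values stable. The same applies to the identical hunk in NetSSL_Win/include/Poco/Net/SecureStreamSocket.h.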
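Review bot: The early return added under `case SSL_ERROR_SYSCALL:` tests only `POCO_EWOULDBLOCK`, so on a platform where `EAGAIN` has a different value a retryable condition would still reach `SocketImpl::error(socketError)`; the test could read `if (socketError == POCO_EWOULDBLOCK || socketError == POCO_EAGAIN)`. The return also leaves the function before the `default:` branch, and whether that branch does cleanup that later SSL calls depend on (for example draining the OpenSSL error queue) cannot be seen here, because `handleError()` begins and ends outside the hunk. A short comment on the new branch saying why a syscall-level would-block is reported as retryable rather than raised, e.g. `// non-blocking socket: no data/space yet, caller must poll and retry`, would make the intent reviewable.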
--- a/NetSSL_Win/include/Poco/Net/SecureSocketImpl.h
+++ b/NetSSL_Win/include/Poco/Net/SecureSocketImpl.h
@@ -320,6 +320,7 @@ protected:
 bool stateMachine();
 State getState() const;
 void setState(State st);
+ static int stateToReturnValue(State state);
 static bool isLocalHost(const std::string& hostName);
 #ifdef ENABLE_PRINT_STATE
diff --git a/NetSSL_Win/include/Poco/Net/SecureStreamSocket.h b/NetSSL_Win/include/Poco/Net/SecureStreamSocket.h
index 902c42d65..2484a9f76 100644
--- a/NetSSL_Win/include/Poco/Net/SecureStreamSocket.h
+++ b/NetSSL_Win/include/Poco/Net/SecureStreamSocket.h
@@ -53,8 +53,9 @@ class NetSSL_Win_API SecureStreamSocket: public StreamSocket
 public:
 enum
 {
- ERR_SSL_WANT_READ = -1,
- ERR_SSL_WANT_WRITE = -2
+ ERR_SSL_WOULD_BLOCK = -1,
+ ERR_SSL_WANT_READ = -2,
+ ERR_SSL_WANT_WRITE = -3
 };
 SecureStreamSocket();
diff --git a/NetSSL_Win/src/SecureSocketImpl.cpp b/NetSSL_Win/src/SecureSocketImpl.cpp
index c6d38d861..dc661907f 100644
--- a/NetSSL_Win/src/SecureSocketImpl.cpp
+++ b/NetSSL_Win/src/SecureSocketImpl.cpp
@@ -16,6 +16,7 @@
 #include "Poco/Net/SSLException.h"
 #include "Poco/Net/SSLManager.h"
 #include "Poco/Net/Utility.h"
+#include "Poco/Net/SecureStreamSocket.h"
 #include "Poco/Net/SecureStreamSocketImpl.h"
 #include "Poco/Net/StreamSocket.h"
 #include "Poco/Net/StreamSocketImpl.h"
@@ -342,6 +343,29 @@ void SecureSocketImpl::verifyPeerCertificate(const std::string& hostName)
 }
+int SecureSocketImpl::stateToReturnValue(State state)
+{
+ switch (state)
+ {
+ case ST_DONE:
+ return 0;
+
+ case ST_CLIENT_HSK_SEND_TOKEN:
+ case ST_CLIENT_HSK_SEND_FINAL:
+ case ST_CLIENT_HSK_SEND_ERROR:
+ case ST_SERVER_HSK_LOOP_SEND:
+ return SecureStreamSocket::ERR_SSL_WANT_WRITE;
+
+ case ST_CLIENT_HSK_LOOP_RECV:
+ case ST_SERVER_HSK_LOOP_RECV:
+ return SecureStreamSocket::ERR_SSL_WANT_READ;
+
+ default:
+ return SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
+ }
+}
+
+
 bool SecureSocketImpl::isLocalHost(const std::string& hostName)
 {
 SocketAddress addr(hostName, 0);
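Review bot: The `default:` branch of `stateToReturnValue()` reports every state that is not listed as `ERR_SSL_WOULD_BLOCK`, which tells a non-blocking caller to poll and call again; if the `State` enum (declared outside this hunk) has a terminal or failure state, a handshake that can no longer make progress would look retryable indefinitely. I would name the intermediate states that really mean "retry" as explicit `case` labels and reserve `default:` for the unexpected, with a comment such as `// not a retryable state: caller must treat this as an error`. The function also has no description of the mapping; a short comment above it listing the three outcomes (0 when the handshake is done, want-read/want-write while a handshake message is pending in that direction, would-block otherwise) would help callers of `sendBytes()`, `receiveBytes()` and `completeHandshake()`, which now all return its result.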
@@ -383,7 +407,7 @@ int SecureSocketImpl::sendBytes(const void* buffer, int length, int flags)
 {
 // no-op
 }
- if (_state != ST_DONE) return -1;
+ if (_state != ST_DONE) return stateToReturnValue(_state);
 }
 }
@@ -395,7 +419,7 @@ int SecureSocketImpl::sendBytes(const void* buffer, int length, int flags)
 _sendBufferOffset += sent;
 _sendBufferPending -= sent;
 }
- return _sendBufferPending == 0 ? length : -1;
+ return _sendBufferPending == 0 ? length : SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 }
 int dataToSend = length;
@@ -448,13 +472,13 @@ int SecureSocketImpl::sendBytes(const void* buffer, int length, int flags)
 _sendBufferOffset += sent;
 _sendBufferPending -= sent;
 if (_sendBufferPending > 0)
- return -1;
+ return SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 else
 return dataSent;
 }
 else
 {
- return -1;
+ return SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 }
 }
@@ -480,7 +504,7 @@ int SecureSocketImpl::receiveBytes(void* buffer, int length, int flags)
 {
 // no-op
 }
- if (_state != ST_DONE) return -1;
+ if (_state != ST_DONE) return stateToReturnValue(_state);
 }
 }
@@ -524,7 +548,7 @@ int SecureSocketImpl::receiveBytes(void* buffer, int length, int flags)
 int numBytes = receiveRawBytes(_recvBuffer.begin() + _recvBufferOffset, _ioBufferSize - _recvBufferOffset);
 if (numBytes == -1)
- return -1;
+ return SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 else if (numBytes == 0)
 break;
 else
@@ -590,7 +614,7 @@ int SecureSocketImpl::receiveBytes(void* buffer, int length, int flags)
 _needData = false;
 setState(ST_CLIENT_HSK_LOOP_INIT);
 if (!_pSocket->getBlocking())
- return bytesDecoded > 0 ? bytesDecoded : -1;
+ return bytesDecoded > 0 ? bytesDecoded : SecureStreamSocket::ERR_SSL_WOULD_BLOCK;
 securityStatus = doHandshake();
@@ -1315,7 +1339,7 @@ int SecureSocketImpl::completeHandshake()
 {
 // no-op
 }
- return (_state == ST_DONE) ? 0 : -1;
+ return stateToReturnValue(_state);
 }
 }
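Review bot: The retry contract behind `return _sendBufferPending == 0 ? length : SecureStreamSocket::ERR_SSL_WOULD_BLOCK;` in the second `sendBytes()` hunk is not documented: once the previously buffered data has drained, the call reports the current `length` as sent although the visible lines only advance `_sendBufferOffset` and `_sendBufferPending`. That is correct only if the caller repeats the call with the same buffer and length after a would-block result; a caller that passes different data on the retry would have it reported as sent without being transmitted. This reading is inferred from the lines shown, since the function starts and continues outside the hunk. A comment on the branch such as `// pending data is from the previous call; the caller must retry with the same buffer and length` would state the requirement where the new constant is returned.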
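Review bot: In the `receiveBytes()` hunk at -524, `if (numBytes == -1)` still compares against a literal while the branch now returns `SecureStreamSocket::ERR_SSL_WOULD_BLOCK`, so every -1 from `receiveRawBytes()` is presented to the caller as retryable. Whether `receiveRawBytes()` can return -1 for anything other than an empty non-blocking socket is not visible here; if it can, a reset or closed connection would be polled on instead of reported. I would either document the assumption on that line, e.g. `// receiveRawBytes() returns -1 only when a non-blocking read has no data`, or have the helper return the named constant so that the two values cannot drift apart.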