From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 22 Feb 2020 19:53:48 +0000 (+0100)
Subject: ssl_recv_data(): Properly handle MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY
X-Git-Tag: v_3_0_29~501
X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=commitdiff_plain;h=988c90194b46bdb232ae958857ab846de4717d42

ssl_recv_data(): Properly handle MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY

Previously ssl_recv_data() would pass it to the caller
which would treat it as an error.

Sponsored by: Robert Klemme
---

diff --git a/ssl.c b/ssl.c
index 56360fc8..7faee3a1 100644
--- a/ssl.c
+++ b/ssl.c
@@ -289,6 +289,12 @@ extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t ma
    {
       char err_buf[ERROR_BUF_SIZE];
 
+      if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY)
+      {
+         log_error(LOG_LEVEL_CONNECT,
+            "The peer notified us that the connection is going to be closed");
+         return 0;
+      }
       mbedtls_strerror(ret, err_buf, sizeof(err_buf));
       log_error(LOG_LEVEL_ERROR,
          "Receiving data over TLS/SSL failed: %s", err_buf);