From 673aa5deac8dc0305d20261afb86fe065db42494 Mon Sep 17 00:00:00 2001 From: Artem Boldariev Date: Thu, 14 Jul 2022 23:33:26 +0300 Subject: [PATCH] TLS: clear 'errno' when handling SSL status Sometimes tls_do_bio() might be called when there is no new data to process (most notably, when resuming reads), in such a case internal TLS session state will remain untouched and old value in 'errno' will alter the result of SSL_get_error() call, possibly making it to return SSL_ERROR_SYSCALL. This value will be treated as an error, and will lead to closing the connection, which is not what expected. --- lib/isc/netmgr/tlsstream.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c index 169b391002..13789cd86a 100644 --- a/lib/isc/netmgr/tlsstream.c +++ b/lib/isc/netmgr/tlsstream.c @@ -496,6 +496,7 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data, } } } + errno = 0; tls_status = SSL_get_error(sock->tlsstream.tls, rv); saved_errno = errno;