Handle the case where the read buffer is empty but we have received FIN

In some cases where a FIN has been received but with no data quic_read_actual
was failing to raise SSL_ERROR_ZERO_RETURN. This meant that we could end up
blocking in SSL_read(_ex) for too long.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21780)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index cf6233fc5b59c2967328f81a1d0622ae4f678a6a..b0d613299f6694ce8ad594210dcb748f466bebe0 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2237,6 +2237,9 @@ static int quic_read_actual(QCTX *ctx,
                                               stream);
     }
 
+    if (*bytes_read == 0 && is_fin)
+        return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
+
     return 1;
 }