Document SSL_R_UNEXPECTED_EOF_WHILE_READING

Also document that it is ok to use this for control flow decisions.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23304)

diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod
index c3ab1741b16f6c71521a5995211987b9bf01e016..a205d2ae1a8d932970676c0ff365177a9f4c52c6 100644 (file)
--- a/doc/man3/SSL_get_error.pod
+++ b/doc/man3/SSL_get_error.pod
@@ -32,7 +32,9 @@ Some TLS implementations do not send a close_notify alert on shutdown.
 On an unexpected EOF, versions before OpenSSL 3.0 returned
 B<SSL_ERROR_SYSCALL>, nothing was added to the error stack, and errno was 0.
 Since OpenSSL 3.0 the returned error is B<SSL_ERROR_SSL> with a meaningful
-error on the error stack.
+error on the error stack (SSL_R_UNEXPECTED_EOF_WHILE_READING). This error reason
+code may be used for control flow decisions (see the man page for
+L<ERR_GET_REASON(3)> for further details on this).
 
 =head1 RETURN VALUES
 

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 8a2db5817fd27ee9186a4fff6dd94f8d918c91ed..3856708a83ceb1dd46484a098a404e990ba71cb8 100644 (file)
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -466,6 +466,10 @@ int ossl_tls_handle_rlayer_return(SSL_CONNECTION *s, int writing, int ret,
             } else {
                 ERR_new();
                 ERR_set_debug(file, line, 0);
+                /*
+                 * This reason code is part of the API and may be used by
+                 * applications for control flow decisions.
+                 */
                 ossl_statem_fatal(s, SSL_AD_DECODE_ERROR,
                                   SSL_R_UNEXPECTED_EOF_WHILE_READING, NULL);
             }