From: Kevin Burke <kevin@burke.dev>
Date: Wed, 3 Nov 2021 05:50:07 +0000 (-0700)
Subject: vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY
X-Git-Tag: curl-7_81_0~183
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1fef5922da63125e3ac262aa3d8360210a9edb1f;p=thirdparty%2Fcurl.git

vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY

Previously we'd return CURLE_READ_ERROR if we received this, instead
of triggering the error handling logic that's present in the next if
block down.

After this change, curl requests to https://go.googlesource.com using
HTTP/2 complete successfully.

Fixes #7949
Closes #7948
---

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 338dc72467..9944d9ac47 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -161,20 +161,17 @@ cr_recv(struct Curl_easy *data, int sockindex,
       (uint8_t *)plainbuf + plain_bytes_copied,
       plainlen - plain_bytes_copied,
       &n);
-    if(rresult == RUSTLS_RESULT_ALERT_CLOSE_NOTIFY) {
+    if(n == 0) {
       *err = CURLE_OK;
       return 0;
     }
-    else if(rresult != RUSTLS_RESULT_OK) {
+    else if(rresult != RUSTLS_RESULT_OK &&
+            rresult != RUSTLS_RESULT_PLAINTEXT_EMPTY) {
       failf(data, "error in rustls_connection_read");
       *err = CURLE_READ_ERROR;
       return -1;
     }
-    else if(n == 0) {
-      /* rustls returns 0 from connection_read to mean "all currently
-        available data has been read." If we bring in more ciphertext with
-        read_tls, more plaintext will become available. So don't tell curl
-        this is an EOF. Instead, say "come back later." */
+    else if(rresult == RUSTLS_RESULT_PLAINTEXT_EMPTY) {
       infof(data, "cr_recv got 0 bytes of plaintext");
       backend->data_pending = FALSE;
       break;