From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 5 Dec 2022 10:29:38 +0000 (+0100)
Subject: openssl: return -1 on error in the BIO callbacks
X-Git-Tag: curl-7_87_0~60
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5ec759247a9b9e7aae310f986439d8fcf1445977;p=thirdparty%2Fcurl.git

openssl: return -1 on error in the BIO callbacks

BIO_read and BIO_write return negative numbers on error, including
retryable ones. A regression from 55807e6. Both branches should be
returning -1.

The APIs are patterned after POSIX read and write which, similarly,
return -1 on errors, not zero, with EAGAIN treated as an error.

Bug: https://github.com/curl/curl/issues/10013#issuecomment-1335308146
Reported-by: David Benjamin
Closes #10021
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index dd7201ac7d..e7a1caabf7 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -713,13 +713,8 @@ static int bio_cf_out_write(BIO *bio, const char *buf, int blen)
   BIO_clear_retry_flags(bio);
   connssl->backend->io_result = result;
   if(nwritten < 0) {
-    if(CURLE_AGAIN == result) {
+    if(CURLE_AGAIN == result)
       BIO_set_retry_write(bio);
-      nwritten = 0;
-    }
-    else {
-      nwritten = -1;
-    }
   }
   return (int)nwritten;
 }
@@ -743,13 +738,8 @@ static int bio_cf_in_read(BIO *bio, char *buf, int blen)
   BIO_clear_retry_flags(bio);
   connssl->backend->io_result = result;
   if(nread < 0) {
-    if(CURLE_AGAIN == result) {
+    if(CURLE_AGAIN == result)
       BIO_set_retry_read(bio);
-      nread = 0;
-    }
-    else {
-      nread = -1;
-    }
   }
   return (int)nread;
 }