From 0cd2ee64bffcdece599c3e4b5fac3830a55dc0fa Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Wed, 25 Mar 2020 14:18:13 +0100 Subject: [PATCH] Document the revert of the proper reporting of an unexpected EOF Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/11400) --- CHANGES | 7 +++++++ NEWS | 4 +++- doc/man3/SSL_get_error.pod | 12 ++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index ac6777eae8..bfd072965f 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,13 @@ Changes between 1.1.1e and 1.1.1f [xx XXX xxxx] + *) Revert the change of EOF detection while reading in libssl to avoid + regressions in applications depending on the current way of reporting + the EOF. As the existing method is not fully accurate the change to + reporting the EOF via SSL_ERROR_SSL is kept on the current development + branch and will be present in the 3.0 release. + [Tomas Mraz] + *) Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1 when primes for RSA keys are computed. Since we previously always generated primes == 2 (mod 3) for RSA keys, diff --git a/NEWS b/NEWS index 64722d5e92..056e46d137 100644 --- a/NEWS +++ b/NEWS @@ -7,12 +7,14 @@ Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [under development] - o + o Revert the unexpected EOF reporting via SSL_ERROR_SSL Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020] o Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551) + o Properly detect unexpected EOF while reading in libssl and report + it via SSL_ERROR_SSL Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod index 97320a6c15..6ef6f7d4c5 100644 --- a/doc/man3/SSL_get_error.pod +++ b/doc/man3/SSL_get_error.pod @@ -155,6 +155,18 @@ connection and SSL_shutdown() must not be called. =back +=head1 BUGS + +The B with B value of 0 indicates unexpected EOF from +the peer. This will be properly reported as B with reason +code B in the OpenSSL 3.0 release because +it is truly a TLS protocol error to terminate the connection without +a SSL_shutdown(). + +The issue is kept unfixed in OpenSSL 1.1.1 releases because many applications +which choose to ignore this protocol error depend on the existing way of +reporting the error. + =head1 SEE ALSO L -- GitLab