mirror of
https://github.com/curl/curl.git
synced 2025-02-23 15:10:03 +08:00
rustls: remove incorrect EOF check
The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify.
From the CHANGELOG:

> Handling of unclean close and the close_notify TLS alert. Mirroring
> upstream changes, a rustls_connection now tracks TCP closed state like
> so: rustls_connection_read_tls considers a 0-length read from its
> callback to mean "TCP stream was closed by peer." If that happens
> before the peer sent close_notify, rustls_connection_read will return
> RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
> exhausted. This is useful to protect against truncation attacks. Note:
> some TLS implementations don't send close_notify. If you are already
> getting length information from your protocol (e.g. Content-Length in
> HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
> plaintext bytes was as expected.

That means we don't need to check for unclean EOF in `cr_recv()`, because `process_new_packets()` will give us an error if appropriate.

Closes #8003
This commit is contained in:
parent
26247a0d7e
commit
be8d77b146
@ -138,11 +138,6 @@ cr_recv(struct Curl_easy *data, int sockindex,
|
||||
*err = CURLE_READ_ERROR;
|
||||
return -1;
|
||||
}
|
||||
else if(tls_bytes_read == 0) {
|
||||
failf(data, "connection closed without TLS close_notify alert");
|
||||
*err = CURLE_READ_ERROR;
|
||||
return -1;
|
||||
}
|
||||
|
||||
infof(data, "cr_recv read %ld bytes from the network", tls_bytes_read);
|
||||
|
||||
|
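Review bot: With the `else if(tls_bytes_read == 0)` branch gone from `cr_recv()`, a 0-length read now falls through to the `infof` line, and the only diagnostic in this hunk that names the cause ("connection closed without TLS close_notify alert") is dropped. The commit message expects `process_new_packets()` to report the error, while the quoted CHANGELOG says `RUSTLS_RESULT_UNEXPECTED_EOF` is returned by `rustls_connection_read` once the plaintext is exhausted. Please confirm that whichever path receives that result sets `*err = CURLE_READ_ERROR` and emits a `failf` that still mentions the missing close_notify, so truncation remains distinguishable from other read errors. A one-line comment at this spot stating that a 0-length read is deliberately passed on to rustls would also keep the check from being reintroduced later.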