From: Gunnar Beutner <gunnar.beutner@netways.de>
Date: Tue, 9 Sep 2014 13:28:55 +0000 (+0200)
Subject: Properly deal with closed TLS streams
X-Git-Tag: v2.1.1~16
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=092983d5addd50a526374d50b5f384520ed96fc1;p=icinga2

Properly deal with closed TLS streams

fixes #6892
---

diff --git a/lib/base/tlsutility.hpp b/lib/base/tlsutility.hpp
index edfdb1c09..b44b902c2 100644
--- a/lib/base/tlsutility.hpp
+++ b/lib/base/tlsutility.hpp
@@ -43,7 +43,7 @@ String I2_BASE_API SHA256(const String& s);
 class I2_BASE_API openssl_error : virtual public std::exception, virtual public boost::exception { };
 
 struct errinfo_openssl_error_;
-typedef boost::error_info<struct errinfo_openssl_error_, int> errinfo_openssl_error;
+typedef boost::error_info<struct errinfo_openssl_error_, unsigned long> errinfo_openssl_error;
 
 inline std::string to_string(const errinfo_openssl_error& e)
 {
diff --git a/lib/remote/apiclient.cpp b/lib/remote/apiclient.cpp
index cc0e7a4a4..9b6117fe2 100644
--- a/lib/remote/apiclient.cpp
+++ b/lib/remote/apiclient.cpp
@@ -116,7 +116,21 @@ void ApiClient::DisconnectSync(void)
 
 bool ApiClient::ProcessMessage(void)
 {
-	Dictionary::Ptr message = JsonRpc::ReadMessage(m_Stream);
+	Dictionary::Ptr message;
+
+	if (m_Stream->IsEof())
+		return false;
+
+	try {
+		message = JsonRpc::ReadMessage(m_Stream);
+	} catch (const openssl_error& ex) {
+		const unsigned long *pe = boost::get_error_info<errinfo_openssl_error>(ex);
+
+		if (pe && *pe == 0)
+			return false; /* Connection was closed cleanly */
+
+		throw;
+	}
 
 	if (!message)
 		return false;