I'm wondering whether the Mac SSL plugin is correct in returning SQSSL_GENERIC_ERROR from sqDecryptSSL when its SSLRead invocation returns errSSLClosedGraceful.
I'm trying to figure out why ZdcSecureSocketStream is sometimes signaling an error “Error: SSL Exception: decrypt failed [code:-5]”. I enabled logging in the SSL plugin and got the following output:
[...]
sqDecryptSSL: Input data 0 bytes
sqDecryptSSL: Decrypting 69 bytes
SqueakSSLRead: Requesting 5 bytes, having 69 bytes
SqueakSSLRead: Requesting 64 bytes, having 64 bytes
SqueakSSLWrite: Writing 69 bytes, having 16971 free
sqDecryptSSL: SSLRead returned -9805
Error: SSL Exception: decrypt failed [code:-5]
ZdcSecureSocketStream(Object)>>error:
ZdcSecureSocketStream>>sslException:code:
ZdcSecureSocketStream>>fillBytes:startingAt:count: in Block: [ ...
ZdcSecureSocketStream>>fillBytes:startingAt:count:
[...]
The related code in the SSL plugin is the sqDecryptSSL function on lines 355-387 in sqMacSSL.c; -5 is SQSSL_GENERIC_ERROR defined on line 22 of SqueakSSL.h:
https://code.google.com/p/squeakssl/source/browse/src/Mac%20OS/sqMacSSL.c#355 https://code.google.com/p/squeakssl/source/browse/src/Cross/SqueakSSL.h#22The above log shows that the SSLRead invocation on line 383 returned -9805 which is errSSLClosedGraceful:
https://developer.apple.com/library/mac/documentation/Security/Reference/secureTransportRef/index.html#//apple_ref/c/econst/errSSLClosedGracefulI'm not really sure what this status code means, but the description “closed gracefully” (as opposed to the description “closed due to an error” for errSSLClosedAbort) makes me wonder whether sqDecryptSSL shouldn't handle this status code as something other than an error?
Locked
