I'm wondering whether the Mac SSL plugin is correct in returning
SQSSL_GENERIC_ERROR from sqDecryptSSL when its SSLRead invocation returns
errSSLClosedGraceful.
I'm trying to figure out why ZdcSecureSocketStream is sometimes signaling an
error “Error: SSL Exception: decrypt failed [code:-5]”. I enabled logging in
the SSL plugin and got the following output:
[...]
sqDecryptSSL: Input data 0 bytes
sqDecryptSSL: Decrypting 69 bytes
SqueakSSLRead: Requesting 5 bytes, having 69 bytes
SqueakSSLRead: Requesting 64 bytes, having 64 bytes
SqueakSSLWrite: Writing 69 bytes, having 16971 free
sqDecryptSSL: SSLRead returned -9805
Error: SSL Exception: decrypt failed [code:-5]
ZdcSecureSocketStream(Object)>>error:
ZdcSecureSocketStream>>sslException:code:
ZdcSecureSocketStream>>fillBytes:startingAt:count: in Block: [ ...
ZdcSecureSocketStream>>fillBytes:startingAt:count:
[...]
The related code in the SSL plugin is the sqDecryptSSL function on lines
355-387 in sqMacSSL.c; -5 is SQSSL_GENERIC_ERROR defined on line 22 of
SqueakSSL.h:
https://code.google.com/p/squeakssl/source/browse/src/Mac%20OS/sqMacSSL.c#355
https://code.google.com/p/squeakssl/source/browse/src/Cross/SqueakSSL.h#22
The above log shows that the SSLRead invocation on line 383 returned -9805
which is errSSLClosedGraceful:
https://developer.apple.com/library/mac/documentation/Security/Reference/secureTransportRef/index.html#//apple_ref/c/econst/errSSLClosedGraceful
I'm not really sure what this status code means, but the description “closed
gracefully” (as opposed to the description “closed due to an error” for
errSSLClosedAbort) makes me wonder whether sqDecryptSSL shouldn't handle this
status code as something other than an error?
