Signed-off-by: Paul Gofman pgofman@codeweavers.com --- Server may decide to close the connection that we have cached. In that case it may send 'Close notify' encrypted alert and then close the connection. Gnutls processes that [1] and returns zero length record from gnutls_record_recv().

We currently check for EOF on socket in netconn_is_alive(). But in that case the socket has 31 byte of data in the buffer while the socket is de facto closed already. read_ssl_chunk() will process this message leaving the socket in the EOF state. If there is some unrelated message it should stay in peek_msg buffer. read_ssl_chunk() should not block on receiving the data as the socket is in the non blocking state.

1. https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/record.c#L881

dlls/winhttp/net.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+)

diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c index 8597179dc3e..3016608404a 100644 --- a/dlls/winhttp/net.c +++ b/dlls/winhttp/net.c @@ -616,11 +616,31 @@ DWORD netconn_set_timeout( struct netconn *netconn, BOOL send, int value )

BOOL netconn_is_alive( struct netconn *netconn ) { + SIZE_T size; int len; char b; DWORD err; + BOOL eof;

set_blocking( netconn, FALSE ); + if (netconn->secure) + { + while (!netconn->peek_msg && !(err = read_ssl_chunk( netconn, NULL, 0, &size, &eof )) && !eof) + ; + + TRACE("Checking secure connection, err %d.\n", err); + + if (netconn->peek_msg || err == WSAEWOULDBLOCK) + { + set_blocking( netconn, TRUE ); + return TRUE; + } + if (err != SEC_E_OK && err != SEC_E_INCOMPLETE_MESSAGE) + { + set_blocking( netconn, TRUE ); + return FALSE; + } + } len = sock_recv( netconn->socket, &b, 1, MSG_PEEK ); err = WSAGetLastError(); set_blocking( netconn, TRUE );