To add keep-alive support the read handler got changed a lot. Now when

tls_read hits the EOF (s == 0) case it is always a cause to close the
connection. All possible data was already consumed and if something is
still in the buffer then it remained in there for a reason.
Issue noticed and OK deraadt@

diff --git a/usr.sbin/rpki-client/http.c b/usr.sbin/rpki-client/http.c
index 1ce8cd5..224d456 100644 (file)
--- a/usr.sbin/rpki-client/http.c
+++ b/usr.sbin/rpki-client/http.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: http.c,v 1.32 2021/04/20 14:32:49 claudio Exp $  */
+/*     $OpenBSD: http.c,v 1.33 2021/05/10 15:12:33 claudio Exp $  */
 /*
  * Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>
  * Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
@@ -1123,7 +1123,7 @@ read_more:
                return WANT_POLLOUT;
        }
 
-       if (s == 0 && conn->bufpos == 0) {
+       if (s == 0) {
                if (conn->req)
                        warnx("%s: short read, connection closed",
                            http_info(conn->req->uri));