diff --git a/bio.go b/bio.go index 8be9c4f3..136376c5 100644 --- a/bio.go +++ b/bio.go @@ -283,6 +283,9 @@ type anyBio C.BIO func asAnyBio(b *C.BIO) *anyBio { return (*anyBio)(b) } func (b *anyBio) Read(buf []byte) (n int, err error) { + if len(buf) == 0 { + return 0, nil + } n = int(C.BIO_read((*C.BIO)(b), unsafe.Pointer(&buf[0]), C.int(len(buf)))) if n <= 0 { return 0, io.EOF @@ -291,6 +294,9 @@ func (b *anyBio) Read(buf []byte) (n int, err error) { } func (b *anyBio) Write(buf []byte) (written int, err error) { + if len(buf) == 0 { + return 0, nil + } n := int(C.BIO_write((*C.BIO)(b), unsafe.Pointer(&buf[0]), C.int(len(buf)))) if n != len(buf) { diff --git a/conn.go b/conn.go index 02fbb329..d5fd538b 100644 --- a/conn.go +++ b/conn.go @@ -316,6 +316,9 @@ func (c *Conn) Close() error { } func (c *Conn) read(b []byte) (int, func() error) { + if len(b) == 0 { + return 0, nil + } c.mtx.Lock() defer c.mtx.Unlock() if c.is_shutdown { @@ -353,6 +356,9 @@ func (c *Conn) Read(b []byte) (n int, err error) { } func (c *Conn) write(b []byte) (int, func() error) { + if len(b) == 0 { + return 0, nil + } c.mtx.Lock() defer c.mtx.Unlock() if c.is_shutdown { diff --git a/ctx.go b/ctx.go index 291a9ee6..69314e33 100644 --- a/ctx.go +++ b/ctx.go @@ -268,8 +268,11 @@ func (c *Ctx) SetVerifyDepth(depth int) { func (c *Ctx) SetSessionId(session_id []byte) error { runtime.LockOSThread() defer runtime.UnlockOSThread() - if int(C.SSL_CTX_set_session_id_context(c.ctx, - (*C.uchar)(unsafe.Pointer(&session_id[0])), + var ptr *C.uchar + if len(session_id) > 0 { + ptr = (*C.uchar)(unsafe.Pointer(&session_id[0])) + } + if int(C.SSL_CTX_set_session_id_context(c.ctx, ptr, C.uint(len(session_id)))) == 0 { return errorFromErrorQueue() } diff --git a/pem.go b/pem.go index 3a2893a5..4f78e092 100644 --- a/pem.go +++ b/pem.go @@ -119,6 +119,9 @@ func (key *pKey) MarshalPKIXPublicKeyDER() (der_block []byte, // LoadPrivateKey loads a private key from a PEM-encoded block. func LoadPrivateKey(pem_block []byte) (PrivateKey, error) { + if len(pem_block) == 0 { + return nil, errors.New("empty pem block") + } bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]), C.int(len(pem_block))) if bio == nil { @@ -155,6 +158,9 @@ type Certificate struct { // LoadCertificate loads an X509 certificate from a PEM-encoded block. func LoadCertificate(pem_block []byte) (*Certificate, error) { + if len(pem_block) == 0 { + return nil, errors.New("empty pem block") + } runtime.LockOSThread() defer runtime.UnlockOSThread() bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]),