LibTLS: Notify on_ready_to_read after handling fatal errors

The `on_ready_to_read` callback on the underlying socket will be called
for various reasons which do not always guarantee that the next read
operation will be successful. For example, the server might have sent an
alert or a TCP RST.

We handle fatal errors on the SSL connection before calling to the user
so that `can_read_without_blocking` does not falsely advertise. The same
checks should be performed there, but it is not possible due to the
function being const.

Author: devgianlu

Libraries/LibTLS/TLSv12.cpp

@@ -154,6 +154,23 @@ TLSv12::TLSv12(NonnullOwnPtr<Core::TCPSocket> socket, SSL_CTX* ssl_ctx, SSL* ssl
     , m_socket(move(socket))
 {
     m_socket->on_ready_to_read = [this] {
+        // There is something to read on the underlying TCP connection. This doesn't mean there is actual data to read from the SSL connection.
+        // For example, we might have received an alert or a connection reset.
+
+        char buffer[1];
+        auto ret = SSL_peek(m_ssl, buffer, 1);
+        if (ret <= 0) {
+            switch (SSL_get_error(m_ssl, ret)) {
+            case SSL_ERROR_SSL:
+            case SSL_ERROR_SYSCALL:
+                handle_fatal_error();
+                break;
+            default:
+                break;
+            }
+        }
+
+        // Now that we handled possible fatal errors, we can notify the user that there is data to read.
         if (on_ready_to_read)
             on_ready_to_read();
     };