generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-27 11:06:50 +01:00
Code Issues Projects Releases Wiki Activity

#1605: try to do a proper SSL_shutdown()

Browse Source
This commit is contained in:
Guenter Obiltschnig
2017-02-22 21:42:02 +01:00
parent 915b9ed890
commit b2477e4c94
1 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
NetSSL_OpenSSL/src/SecureSocketImpl.cpp
View File

@@ -219,14 +219,20 @@ void SecureSocketImpl::shutdown()
bool shutdownSent = (shutdownState & SSL_SENT_SHUTDOWN) == SSL_SENT_SHUTDOWN; bool shutdownSent = (shutdownState & SSL_SENT_SHUTDOWN) == SSL_SENT_SHUTDOWN;
if (!shutdownSent) if (!shutdownSent)
{ {
// A proper clean shutdown would require us to // A proper clean shutdown requires us to
// retry the shutdown if we get a zero return // call SSL_shutdown() a second time if the
// value, until SSL_shutdown() returns 1. // first call returns 0.
// However, this will lead to problems with // Previously, this lead to problems with
// most web browsers, so we just set the shutdown // most web browsers, so we just called
// flag by calling SSL_shutdown() once and be // SSL_shutdown() once.
// done with it. // It seems that behavior has changed in newer
// OpenSSL and/or browser versions, and things
// seem to work better now.
int rc = SSL_shutdown(_pSSL); int rc = SSL_shutdown(_pSSL);
if (rc == 0 && _pSocket->getBlocking())
{
rc = SSL_shutdown(_pSSL);
}
if (rc < 0) handleError(rc); if (rc < 0) handleError(rc);
if (_pSocket->getBlocking()) if (_pSocket->getBlocking())
{ {