Add ssl_close_notify() to servers that missed it

Manuel Pégourié-Gonnard 2014-03-25 11:24:43 +01:00
parent 00d538f8f9
commit 6b0d268bc9
5 changed files with 50 additions and 6 deletions


@ -4,6 +4,7 @@ PolarSSL ChangeLog (Sorted per branch, date)
Bugfix Bugfix
* The length of various ClientKeyExchange messages was not properly checked. * The length of various ClientKeyExchange messages was not properly checked.
* Some example server programs were not sending the close_notify alert.
= PolarSSL 1.3.5 released on 2014-03-26 = PolarSSL 1.3.5 released on 2014-03-26
Features Features


@ -1002,6 +1002,7 @@ send_request:
if( ret == 0 ) if( ret == 0 )
{ {
printf("\n\nEOF\n\n"); printf("\n\nEOF\n\n");
ssl_close_notify( &ssl );
break; break;
} }
@ -1010,12 +1011,12 @@ send_request:
} }
while( 1 ); while( 1 );
ssl_close_notify( &ssl );
if( opt.reconnect != 0 ) if( opt.reconnect != 0 )
{ {
--opt.reconnect; --opt.reconnect;
net_close( server_fd );
#if defined(POLARSSL_TIMING_C) #if defined(POLARSSL_TIMING_C)
if( opt.reco_delay > 0 ) if( opt.reco_delay > 0 )
m_sleep( 1000 * opt.reco_delay ); m_sleep( 1000 * opt.reco_delay );
@ -1055,6 +1056,8 @@ send_request:
} }
exit: exit:
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
ret = 0;
#ifdef POLARSSL_ERROR_C #ifdef POLARSSL_ERROR_C
if( ret != 0 ) if( ret != 0 )
@ -1062,9 +1065,6 @@ exit:
char error_buf[100]; char error_buf[100];
polarssl_strerror( ret, error_buf, 100 ); polarssl_strerror( ret, error_buf, 100 );
printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); printf("Last error was: -0x%X - %s\n\n", -ret, error_buf );
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
ret = 0;
} }
#endif #endif
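Review bot: The `ssl_close_notify( &ssl );` added in the `ret == 0` (EOF) branch discards its return value, whereas the server loops added in this same commit retry on `POLARSSL_ERR_NET_WANT_READ` / `POLARSSL_ERR_NET_WANT_WRITE` and report any other failure. If the client's transport can return either of those codes, the alert may never be sent and the peer cannot tell an orderly close from a truncated stream. Consider `do ret = ssl_close_notify( &ssl ); while( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE );` and check the final value before `break`. The second `ssl_close_notify( &ssl );` after `while( 1 );` has lost its +/- marker in this rendering; if it is still present on the new side, the EOF path would call it twice. The enclosing function starts and ends outside these hunks.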


@ -270,6 +270,21 @@ static void *handle_ssl_connection( void *data )
printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n", printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n",
thread_id, len, (char *) buf ); thread_id, len, (char *) buf );
printf( " [ #%d ] . Closing the connection...", thread_id );
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
{
if( ret != POLARSSL_ERR_NET_WANT_READ &&
ret != POLARSSL_ERR_NET_WANT_WRITE )
{
printf( " [ #%d ] failed: ssl_close_notify returned -0x%04x\n",
thread_id, ret );
goto thread_exit;
}
}
printf( " ok\n" );
ret = 0; ret = 0;
thread_exit: thread_exit:
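Review bot: The failure message in the new close loop prints `ret` under a `-0x%04x` format without negating it, so a negative error code comes out as its two's-complement bit pattern behind a literal minus sign, and a negative `int` is passed where `%x` expects `unsigned`. The client hunk in this commit prints `-0x%X` with `-ret`; doing the same here, `thread_id, -ret );`, gives a value that can be matched against the error-code definitions. handle_ssl_connection starts before and continues after this hunk.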


@ -323,7 +323,21 @@ reset:
len = ret; len = ret;
printf( " %d bytes written\n\n%s\n", len, (char *) buf ); printf( " %d bytes written\n\n%s\n", len, (char *) buf );
printf( " . Closing the connection..." );
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
{
if( ret != POLARSSL_ERR_NET_WANT_READ &&
ret != POLARSSL_ERR_NET_WANT_WRITE )
{
printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
goto reset;
}
}
printf( " ok\n" );
ret = 0; ret = 0;
goto reset; goto reset;
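Review bot: The new close loop after `printf( " . Closing the connection..." );` carries no comment saying why the alert is sent, and example servers are often copied as starting points. A short comment above the loop would record the intent, e.g. `/* Send close_notify so the peer can tell an orderly end of data from a truncated connection; retry while the transport would block. */`. The same comment fits the identical loops added in the `handle_ssl_connection` hunk and in the last file's `reset:` hunk at `-1261,6 +1261,20`. The enclosing function starts and ends outside this hunk.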


@ -1261,6 +1261,20 @@ reset:
printf( " ok\n" ); printf( " ok\n" );
} }
printf( " . Closing the connection..." );
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
{
if( ret != POLARSSL_ERR_NET_WANT_READ &&
ret != POLARSSL_ERR_NET_WANT_WRITE )
{
printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
goto reset;
}
}
printf( " ok\n" );
ret = 0; ret = 0;
goto reset; goto reset;