Fix bug with ssl_close_notify and non-blocking I/O

This commit is contained in:
Manuel Pégourié-Gonnard 2014-08-19 16:14:04 +02:00
parent 44ade654c5
commit a13500fdf7
2 changed files with 6 additions and 6 deletions

View file

@ -14,6 +14,8 @@ Bugfix
renegotation was pending, and on client when a HelloRequest was received. renegotation was pending, and on client when a HelloRequest was received.
* Server-initiated renegotiation would fail with non-blocking I/O if the * Server-initiated renegotiation would fail with non-blocking I/O if the
write callback returned WANT_WRITE when requesting renegotiation. write callback returned WANT_WRITE when requesting renegotiation.
* ssl_close_notify() could send more than one message in some circumstances
with non-blocking I/O.
Changes Changes
* Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no

View file

@ -4501,11 +4501,8 @@ int ssl_close_notify( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); SSL_DEBUG_MSG( 2, ( "=> write close notify" ) );
if( ( ret = ssl_flush_output( ssl ) ) != 0 ) if( ssl->out_left != 0 )
{ return( ssl_flush_output( ssl ) );
SSL_DEBUG_RET( 1, "ssl_flush_output", ret );
return( ret );
}
if( ssl->state == SSL_HANDSHAKE_OVER ) if( ssl->state == SSL_HANDSHAKE_OVER )
{ {
@ -4513,13 +4510,14 @@ int ssl_close_notify( ssl_context *ssl )
SSL_ALERT_LEVEL_WARNING, SSL_ALERT_LEVEL_WARNING,
SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 )
{ {
SSL_DEBUG_RET( 1, "ssl_send_alert_message", ret );
return( ret ); return( ret );
} }
} }
SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); SSL_DEBUG_MSG( 2, ( "<= write close notify" ) );
return( ret ); return( 0 );
} }
void ssl_transform_free( ssl_transform *transform ) void ssl_transform_free( ssl_transform *transform )