author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2010-01-11 10:36:14 +0000 |
---|---|---|
committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2010-01-11 10:36:14 +0000 |
commit | cdb9bd56120b3d0bb2f205df4b247b3689af199e (patch) | |
tree | 5b6dcfed03a0932cd8843a9763c469aab2a114bf | |
parent | 8bbce60dce25157ee89f436574a206a8caac8680 (diff) | |
download | neon-cdb9bd56120b3d0bb2f205df4b247b3689af199e.tar.gz |
Merge r1780 from trunk:
* src/ne_socket.c (ne_sock_close): Do not wait for the peer's
close_notify alert with either GnuTLS or OpenSSL.
[HAVE_GNUTLS]: Fix memory leak: free the session object.
* src/ne_socket.h (ne_sock_close): Clarify close_notify handling.
git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.29.x@1781 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
-rw-r--r-- | src/ne_socket.c | 13 | ||||
-rw-r--r-- | src/ne_socket.h | 8 |
2 files changed, 10 insertions, 11 deletions
diff --git a/src/ne_socket.c b/src/ne_socket.c
index 9e55c53..8beaa0a 100644
--- a/src/ne_socket.c
+++ b/src/ne_socket.c
@@ -1890,27 +1890,24 @@ void ne_sock_set_error(ne_socket *sock, const char *format, ...)
 va_end(params);
 }
-/* Closes given ne_socket */
 int ne_sock_close(ne_socket *sock)
 {
 int ret;
+ /* Per API description - for an SSL connection, simply send the
+ * close_notify but do not wait for the peer's response. */
 #if defined(HAVE_OPENSSL)
 if (sock->ssl) {
- /* Correct SSL shutdown procedure: call once... */
- if (SSL_shutdown(sock->ssl) == 0) {
- /* close_notify sent but not received; wait for peer to
- * send close_notify... */
- SSL_shutdown(sock->ssl);
- }
+ SSL_shutdown(sock->ssl);
 SSL_free(sock->ssl);
 }
 #elif defined(HAVE_GNUTLS)
 if (sock->ssl) {
 do {
- ret = gnutls_bye(sock->ssl, GNUTLS_SHUT_RDWR);
+ ret = gnutls_bye(sock->ssl, GNUTLS_SHUT_WR);
 } while (ret < 0 && (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN));
+ gnutls_deinit(sock->ssl);
 }
 #endif
diff --git a/src/ne_socket.h b/src/ne_socket.h
index fd6f571..e02e86c 100644
--- a/src/ne_socket.h
+++ b/src/ne_socket.h
@@ -1,6 +1,6 @@
 /* socket handling interface
- Copyright (C) 1999-2009, Joe Orton <joe@manyfish.co.uk>
+ Copyright (C) 1999-2010, Joe Orton <joe@manyfish.co.uk>
 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public
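Review bot: In the HAVE_OPENSSL branch of ne_sock_close the result of the single `SSL_shutdown(sock->ssl)` is discarded, so a failure to send the close_notify alert is silent, and the peer may then see an unclean closure that it has to treat as possible truncation. The GnuTLS branch stores the `gnutls_bye` result in `ret`, but the retry loop exits on any other negative value without acting on it within the hunk; the function continues outside the hunk, so whether `ret` is reported or overwritten later cannot be seen here. If ignoring the result is deliberate, say so next to the call, for example `/* Best effort: a failed close_notify is not reported, the connection is being torn down anyway. */`. The same comment should note that `sock->ssl` is left pointing at a freed session after `SSL_free`/`gnutls_deinit` and must not be touched by the rest of the function.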
@@ -219,8 +219,10 @@ int ne_sock_fd(const ne_socket *sock);
 * must be destroyed by caller using ne_iaddr_free. */
 ne_inet_addr *ne_sock_peer(ne_socket *sock, unsigned int *port);
-/* Close the socket and destroy the socket object. Returns zero on
- * success, or an errno value if close() failed. */
+/* Close the socket and destroy the socket object. If SSL is in use
+ * for the socket, a closure alert is sent to initiate a clean
+ * shutdown, but this function does not wait for the peer's response.
+ * Returns zero on success, or non-zero on failure. */
 int ne_sock_close(ne_socket *sock);
 /* Return current error string for socket. */ |
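Review bot: The new ne_sock_close comment says the peer's response is not awaited, but it does not spell out the consequence for callers: this call never confirms that the peer closed cleanly, so truncated data has to be detected on the read side before closing. I would add a line such as `* Callers must detect truncated data while reading; this call does not verify that the peer closed cleanly.`. Replacing "an errno value" with "non-zero on failure" also loosens the contract without saying whether a failure to send the closure alert counts as a failure, or whether the socket object is destroyed when the result is non-zero; one sentence covering both would let callers handle the error path safely.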