summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjoe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845>2010-01-11 10:36:14 +0000
committerjoe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845>2010-01-11 10:36:14 +0000
commitcdb9bd56120b3d0bb2f205df4b247b3689af199e (patch)
tree5b6dcfed03a0932cd8843a9763c469aab2a114bf
parent8bbce60dce25157ee89f436574a206a8caac8680 (diff)
downloadneon-cdb9bd56120b3d0bb2f205df4b247b3689af199e.tar.gz
Merge r1780 from trunk:
* src/ne_socket.c (ne_sock_close): Do not wait for the peer's close_notify alert with either GnuTLS or OpenSSL. [HAVE_GNUTLS]: Fix memory leak: free the session object. * src/ne_socket.h (ne_sock_close): Clarify close_notify handling. git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.29.x@1781 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
Diffstat
-rw-r--r--src/ne_socket.c13
-rw-r--r--src/ne_socket.h8
2 files changed, 10 insertions, 11 deletions
diff --git a/src/ne_socket.c b/src/ne_socket.c
index 9e55c53..8beaa0a 100644
--- a/src/ne_socket.c
+++ b/src/ne_socket.c
@@ -1890,27 +1890,24 @@ void ne_sock_set_error(ne_socket *sock, const char *format, ...)
va_end(params);
}
-/* Closes given ne_socket */
int ne_sock_close(ne_socket *sock)
{
int ret;
+ /* Per API description - for an SSL connection, simply send the
+ * close_notify but do not wait for the peer's response. */
#if defined(HAVE_OPENSSL)
if (sock->ssl) {
- /* Correct SSL shutdown procedure: call once... */
- if (SSL_shutdown(sock->ssl) == 0) {
- /* close_notify sent but not received; wait for peer to
- * send close_notify... */
- SSL_shutdown(sock->ssl);
- }
+ SSL_shutdown(sock->ssl);
SSL_free(sock->ssl);
}
#elif defined(HAVE_GNUTLS)
if (sock->ssl) {
do {
- ret = gnutls_bye(sock->ssl, GNUTLS_SHUT_RDWR);
+ ret = gnutls_bye(sock->ssl, GNUTLS_SHUT_WR);
} while (ret < 0
&& (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN));
+ gnutls_deinit(sock->ssl);
}
#endif
diff --git a/src/ne_socket.h b/src/ne_socket.h
index fd6f571..e02e86c 100644
--- a/src/ne_socket.h
+++ b/src/ne_socket.h
@@ -1,6 +1,6 @@
/*
socket handling interface
- Copyright (C) 1999-2009, Joe Orton <joe@manyfish.co.uk>
+ Copyright (C) 1999-2010, Joe Orton <joe@manyfish.co.uk>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
@@ -219,8 +219,10 @@ int ne_sock_fd(const ne_socket *sock);
* must be destroyed by caller using ne_iaddr_free. */
ne_inet_addr *ne_sock_peer(ne_socket *sock, unsigned int *port);
-/* Close the socket and destroy the socket object. Returns zero on
- * success, or an errno value if close() failed. */
+/* Close the socket and destroy the socket object. If SSL is in use
+ * for the socket, a closure alert is sent to initiate a clean
+ * shutdown, but this function does not wait for the peer's response.
+ * Returns zero on success, or non-zero on failure. */
int ne_sock_close(ne_socket *sock);
/* Return current error string for socket. */
View Lorry Controller Status