TLS: Notify clients on connection shutdown. (#10931)

Use SSL_shutdown(), in a best-effort manner, when closing a TLS connection. This change better supports OpenSSL 3.x clients that will not silently ignore the socket-level EOF.
author: Yossi Gottlieb <yossigo@gmail.com> 2022-07-05 08:41:17 +0300
committer: GitHub <noreply@github.com> 2022-07-05 08:41:17 +0300
commit: 45ae6053329efce72ba91c1550e1395d0209e850 (patch)
tree: f6f2ea9dd2fac710b5afea4947df61f11ad8f44e /src/tls.c
parent: 9bcdd1537ed6404d4f9def35439af0589f1adf72 (diff)
download: redis-45ae6053329efce72ba91c1550e1395d0209e850.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/tls.c b/src/tls.c
index e7787e63a..e8d8a4f64 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -722,6 +722,8 @@ static void connTLSClose(connection *conn_) {
     tls_connection *conn = (tls_connection *) conn_;
 
     if (conn->ssl) {
+        if (conn->c.state == CONN_STATE_CONNECTED)
+            SSL_shutdown(conn->ssl);
         SSL_free(conn->ssl);
         conn->ssl = NULL;
     }
author	Yossi Gottlieb <yossigo@gmail.com>	2022-07-05 08:41:17 +0300
committer	GitHub <noreply@github.com>	2022-07-05 08:41:17 +0300
commit	45ae6053329efce72ba91c1550e1395d0209e850 (patch)
tree	f6f2ea9dd2fac710b5afea4947df61f11ad8f44e /src/tls.c
parent	9bcdd1537ed6404d4f9def35439af0589f1adf72 (diff)
download	redis-45ae6053329efce72ba91c1550e1395d0209e850.tar.gz