[openssl] master update
beldmit at gmail.com
beldmit at gmail.com
Wed May 6 14:53:50 UTC 2020
The branch master has been updated
via edbb56ee4fafc07eb77747ad25278a04b89adc09 (commit)
from a96e6c347bc1da9964ffe941608b11cf030320ef (commit)
- Log -----------------------------------------------------------------
commit edbb56ee4fafc07eb77747ad25278a04b89adc09
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: Tue May 5 15:26:32 2020 +0300
s_server normal shutdown
Partially fixes #11209
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11734)
-----------------------------------------------------------------------
Summary of changes:
apps/include/s_apps.h | 1 +
apps/lib/s_socket.c | 21 +++++++++++++++++++++
apps/s_client.c | 21 ---------------------
apps/s_server.c | 8 +++-----
4 files changed, 25 insertions(+), 26 deletions(-)
diff --git a/apps/include/s_apps.h b/apps/include/s_apps.h
index 1bbe5fe09d..baedbee9d3 100644
--- a/apps/include/s_apps.h
+++ b/apps/include/s_apps.h
@@ -32,6 +32,7 @@ int init_client(int *sock, const char *host, const char *port,
const char *bindhost, const char *bindport,
int family, int type, int protocol);
int should_retry(int i);
+void do_ssl_shutdown(SSL *ssl);
long bio_dump_callback(BIO *bio, int cmd, const char *argp,
int argi, long argl, long ret);
diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c
index 7dd95e9f0e..52c4a0a764 100644
--- a/apps/lib/s_socket.c
+++ b/apps/lib/s_socket.c
@@ -392,4 +392,25 @@ int do_server(int *accept_sock, const char *host, const char *port,
return ret;
}
+void do_ssl_shutdown(SSL *ssl)
+{
+ int ret;
+
+ do {
+ /* We only do unidirectional shutdown */
+ ret = SSL_shutdown(ssl);
+ if (ret < 0) {
+ switch (SSL_get_error(ssl, ret)) {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_ASYNC:
+ case SSL_ERROR_WANT_ASYNC_JOB:
+ /* We just do busy waiting. Nothing clever */
+ continue;
+ }
+ ret = 0;
+ }
+ } while (ret < 0);
+}
+
#endif /* OPENSSL_NO_SOCK */
diff --git a/apps/s_client.c b/apps/s_client.c
index eb4dbdcaa2..875ebf2253 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -98,27 +98,6 @@ static int restore_errno(void)
return ret;
}
-static void do_ssl_shutdown(SSL *ssl)
-{
- int ret;
-
- do {
- /* We only do unidirectional shutdown */
- ret = SSL_shutdown(ssl);
- if (ret < 0) {
- switch (SSL_get_error(ssl, ret)) {
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
- case SSL_ERROR_WANT_ASYNC:
- case SSL_ERROR_WANT_ASYNC_JOB:
- /* We just do busy waiting. Nothing clever */
- continue;
- }
- ret = 0;
- }
- } while (ret < 0);
-}
-
/* Default PSK identity and key */
static char *psk_identity = "Client_identity";
diff --git a/apps/s_server.c b/apps/s_server.c
index 23c762ba9f..4904a21b7a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1884,7 +1884,6 @@ int s_server_main(int argc, char *argv[])
}
BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
}
- SSL_CTX_set_quiet_shutdown(ctx, 1);
if (exc != NULL)
ssl_ctx_set_excert(ctx, exc);
@@ -1982,7 +1981,6 @@ int s_server_main(int argc, char *argv[])
}
BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
}
- SSL_CTX_set_quiet_shutdown(ctx2, 1);
if (exc != NULL)
ssl_ctx_set_excert(ctx2, exc);
@@ -2770,7 +2768,7 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
err:
if (con != NULL) {
BIO_printf(bio_s_out, "shutting down SSL\n");
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ do_ssl_shutdown(con);
SSL_free(con);
}
BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -3439,7 +3437,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}
end:
/* make sure we re-use sessions */
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ do_ssl_shutdown(con);
err:
OPENSSL_free(buf);
@@ -3593,7 +3591,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
}
end:
/* make sure we re-use sessions */
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ do_ssl_shutdown(con);
err:
More information about the openssl-commits
mailing list