[openssl] master update

beldmit at gmail.com beldmit at gmail.com
Wed May 6 14:53:50 UTC 2020


The branch master has been updated
       via  edbb56ee4fafc07eb77747ad25278a04b89adc09 (commit)
      from  a96e6c347bc1da9964ffe941608b11cf030320ef (commit)


- Log -----------------------------------------------------------------
commit edbb56ee4fafc07eb77747ad25278a04b89adc09
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Tue May 5 15:26:32 2020 +0300

    s_server normal shutdown
    
    Partially fixes #11209
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11734)

-----------------------------------------------------------------------

Summary of changes:
 apps/include/s_apps.h |  1 +
 apps/lib/s_socket.c   | 21 +++++++++++++++++++++
 apps/s_client.c       | 21 ---------------------
 apps/s_server.c       |  8 +++-----
 4 files changed, 25 insertions(+), 26 deletions(-)

diff --git a/apps/include/s_apps.h b/apps/include/s_apps.h
index 1bbe5fe09d..baedbee9d3 100644
--- a/apps/include/s_apps.h
+++ b/apps/include/s_apps.h
@@ -32,6 +32,7 @@ int init_client(int *sock, const char *host, const char *port,
                 const char *bindhost, const char *bindport,
                 int family, int type, int protocol);
 int should_retry(int i);
+void do_ssl_shutdown(SSL *ssl);
 
 long bio_dump_callback(BIO *bio, int cmd, const char *argp,
                        int argi, long argl, long ret);
diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c
index 7dd95e9f0e..52c4a0a764 100644
--- a/apps/lib/s_socket.c
+++ b/apps/lib/s_socket.c
@@ -392,4 +392,25 @@ int do_server(int *accept_sock, const char *host, const char *port,
     return ret;
 }
 
+void do_ssl_shutdown(SSL *ssl)
+{
+    int ret;
+
+    do {
+        /* We only do unidirectional shutdown */
+        ret = SSL_shutdown(ssl);
+        if (ret < 0) {
+            switch (SSL_get_error(ssl, ret)) {
+            case SSL_ERROR_WANT_READ:
+            case SSL_ERROR_WANT_WRITE:
+            case SSL_ERROR_WANT_ASYNC:
+            case SSL_ERROR_WANT_ASYNC_JOB:
+                /* We just do busy waiting. Nothing clever */
+                continue;
+            }
+            ret = 0;
+        }
+    } while (ret < 0);
+}
+
 #endif  /* OPENSSL_NO_SOCK */
diff --git a/apps/s_client.c b/apps/s_client.c
index eb4dbdcaa2..875ebf2253 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -98,27 +98,6 @@ static int restore_errno(void)
     return ret;
 }
 
-static void do_ssl_shutdown(SSL *ssl)
-{
-    int ret;
-
-    do {
-        /* We only do unidirectional shutdown */
-        ret = SSL_shutdown(ssl);
-        if (ret < 0) {
-            switch (SSL_get_error(ssl, ret)) {
-            case SSL_ERROR_WANT_READ:
-            case SSL_ERROR_WANT_WRITE:
-            case SSL_ERROR_WANT_ASYNC:
-            case SSL_ERROR_WANT_ASYNC_JOB:
-                /* We just do busy waiting. Nothing clever */
-                continue;
-            }
-            ret = 0;
-        }
-    } while (ret < 0);
-}
-
 /* Default PSK identity and key */
 static char *psk_identity = "Client_identity";
 
diff --git a/apps/s_server.c b/apps/s_server.c
index 23c762ba9f..4904a21b7a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1884,7 +1884,6 @@ int s_server_main(int argc, char *argv[])
         }
         BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
     }
-    SSL_CTX_set_quiet_shutdown(ctx, 1);
     if (exc != NULL)
         ssl_ctx_set_excert(ctx, exc);
 
@@ -1982,7 +1981,6 @@ int s_server_main(int argc, char *argv[])
             }
             BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
         }
-        SSL_CTX_set_quiet_shutdown(ctx2, 1);
         if (exc != NULL)
             ssl_ctx_set_excert(ctx2, exc);
 
@@ -2770,7 +2768,7 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
  err:
     if (con != NULL) {
         BIO_printf(bio_s_out, "shutting down SSL\n");
-        SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+        do_ssl_shutdown(con);
         SSL_free(con);
     }
     BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -3439,7 +3437,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
     }
  end:
     /* make sure we re-use sessions */
-    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+    do_ssl_shutdown(con);
 
  err:
     OPENSSL_free(buf);
@@ -3593,7 +3591,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
     }
  end:
     /* make sure we re-use sessions */
-    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+    do_ssl_shutdown(con);
 
  err:
 


More information about the openssl-commits mailing list