[openssl-users] Shutdown details

Kurt Roeckx kurt at roeckx.be
Sun Aug 12 18:53:05 UTC 2018


On Wed, Aug 01, 2018 at 09:46:37PM +0200, Alex H wrote:
> 
> > If your question is whether you can still read any data that may have
> > been in flight when you send your close_notify, I believe the answer
> > is no.  Further data received from the peer is discarded after a
> > close_notify is sent.
> 
> I also believe so, especially since SSL_shutdown docs seem to hint that
> once SSL_shutdown is called, it should be called again until fully done
> (serving SSL_WANT_READ/WRITE as needed). In other words, SSL_shutdown
> becomes the only function called until the SSL connection is fully closed,
> no more SSL_read is called and thus it cannot report any received data.
> SSL_shutdown does not return with any data.

You are probably reading old documentation. The documentation has
been updated to say that it's advised to call SSL_read() until you
get SSL_ERROR_ZERO_RETURN.


Kurt


