authornahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-24 07:01:52 +0000
committernahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-24 07:01:52 +0000
commit369b095015d0efb40e0833c94ab0b0837c7f48f4 (patch)
tree8f446316b0f3cfd6c0ef5cf0eed187f322dfe029 /ext/openssl/ossl_ssl.c
parentea9c30bec1856e1a1c8c856d1f752258c70c15db (diff)
* ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): Try to shutdown SSL
connection more gracefully. Call SSL_shutdown() max 4 times until it returns 1 (success). Bi-directional SSL close has several states but SSL_shutdown() kicks only 1 transition per call. Max 4 is from mod_ssl.c of Apache httpd that says 'max 2x pending * 2x data = 4'. See #4237. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32219 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
-rw-r--r--ext/openssl/ossl_ssl.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index a9f31020eb..6fa48bac41 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -970,8 +970,19 @@ ossl_sslctx_flush_sessions(int argc, VALUE *argv, VALUE self)
static void
ossl_ssl_shutdown(SSL *ssl)
{
+ int i, rc;
+
if (ssl) {
- SSL_shutdown(ssl);
+ /* 4 is from SSL_smart_shutdown() of mod_ssl.c (v2.2.19) */
+ /* It says max 2x pending + 2x data = 4 */
+ for (i = 0; i < 4; ++i) {
+ /*
+ * Ignore the case SSL_shutdown returns -1. Empty handshake_func
+ * must not happen.
+ */
+ if (rc = SSL_shutdown(ssl))
+ break;
+ }
SSL_clear(ssl);
}
}
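Review bot: In the retry loop of `ossl_ssl_shutdown`, `if (rc = SSL_shutdown(ssl)) break;` exits on any non-zero result, so a `-1` ends the retries exactly like a `1`, and `rc` is never read afterwards. A failing `SSL_shutdown()` can leave entries on OpenSSL's error queue that nothing here drains, so they may surface in a later, unrelated OpenSSL call; adding `ERR_clear_error();` after `SSL_clear(ssl);` would prevent that. If the underlying socket can be non-blocking (not visible in this hunk), `-1` may only mean the close_notify exchange is still pending, and the session is then cleared without a completed bidirectional close; the comment should say that this is accepted. Writing the test as `if (SSL_shutdown(ssl) != 0) break;` and dropping `rc` would make the intent explicit and avoid the assignment-in-condition warning.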