You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kg...@apache.org on 2012/09/28 14:55:22 UTC
svn commit: r1391436 - /qpid/proton/trunk/proton-c/src/ssl/openssl.c
Author: kgiusti
Date: Fri Sep 28 12:55:21 2012
New Revision: 1391436
URL: http://svn.apache.org/viewvc?rev=1391436&view=rev
Log:
PROTON-38: close the SSL layer when pn_process_input is called with zero data bytes
Modified:
qpid/proton/trunk/proton-c/src/ssl/openssl.c
Modified: qpid/proton/trunk/proton-c/src/ssl/openssl.c
URL: http://svn.apache.org/viewvc/qpid/proton/trunk/proton-c/src/ssl/openssl.c?rev=1391436&r1=1391435&r2=1391436&view=diff
==============================================================================
--- qpid/proton/trunk/proton-c/src/ssl/openssl.c (original)
+++ qpid/proton/trunk/proton-c/src/ssl/openssl.c Fri Sep 28 12:55:21 2012
@@ -506,7 +506,7 @@ static ssize_t process_input_ssl( pn_tra
// Write to network bio as much as possible, consuming bytes/available
- if (available) {
+ if (available > 0) {
int written = BIO_write( ssl->bio_net_io, input_data, available );
if (written > 0) {
input_data += written;
@@ -515,6 +515,11 @@ static ssize_t process_input_ssl( pn_tra
ssl->read_blocked = false;
_log( ssl, "Wrote %d bytes to BIO Layer, %d left over\n", written, available );
}
+ } else if (available == 0) {
+ // lower layer (caller) has closed. Close the WRITE side of the BIO. This will cause
+ // an EOF to be passed to SSL once all pending inbound data has been consumed.
+ _log( ssl, "Lower layer closed - shutting down BIO write side\n");
+ (void)BIO_shutdown_wr( ssl->bio_net_io );
}
// Read all available data from the SSL socket
@@ -530,9 +535,9 @@ static ssize_t process_input_ssl( pn_tra
ssl->in_count += written;
} else {
if (!BIO_should_retry(ssl->bio_ssl)) {
- start_ssl_shutdown(ssl); // KAG: not sure - this may be necessary
_log(ssl, "Read from SSL socket failed - SSL connection closed!!\n");
_log_ssl_error(ssl);
+ start_ssl_shutdown(ssl); // KAG: not sure - this may be necessary
ssl->ssl_closed = true;
} else {
if (BIO_should_write( ssl->bio_ssl )) {
@@ -555,7 +560,7 @@ static ssize_t process_input_ssl( pn_tra
if (!ssl->app_input_closed) {
char *data = ssl->inbuf;
- while (ssl->in_count > 0) {
+ while (ssl->in_count > 0 || ssl->ssl_closed) { /* if ssl_closed, send 0 count */
ssize_t consumed = transport->process_input(transport, data, ssl->in_count);
if (consumed > 0) {
ssl->in_count -= consumed;
@@ -568,7 +573,7 @@ static ssize_t process_input_ssl( pn_tra
ssl->in_count = 0; // discard any pending input
ssl->app_input_closed = consumed;
if (ssl->app_output_closed && ssl->out_count) {
- // both sides of app closed, and last bit of app output written to socket:
+ // both sides of app closed, and no more app output pending:
start_ssl_shutdown(ssl);
}
/* @todo: fix this - duplicate code - transport does the same */
@@ -646,9 +651,9 @@ static ssize_t process_output_ssl( pn_tr
_log( ssl, "Wrote %d bytes from app to socket\n", written );
} else {
if (!BIO_should_retry(ssl->bio_ssl)) {
- start_ssl_shutdown(ssl); // KAG: not sure - this may be necessary
_log(ssl, "Write to SSL socket failed - SSL connection closed!!\n");
_log_ssl_error(ssl);
+ start_ssl_shutdown(ssl); // KAG: not sure - this may be necessary
ssl->out_count = 0; // can no longer write to socket, so erase app output data
ssl->ssl_closed = true;
} else {
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org