You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2014/06/08 00:53:52 UTC
svn commit: r1601184 - in /httpd/httpd/trunk: CHANGES
modules/ssl/ssl_util_ssl.c
Author: ylavic
Date: Sat Jun 7 22:53:52 2014
New Revision: 1601184
URL: http://svn.apache.org/r1601184
Log:
mod_ssl: Ensure that the SSL close notify alert is flushed to the client.
PR54998.
Submitted By: Tim Kosse <tim.kosse filezilla-project.org>, ylavic
Committed By: ylavic
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1601184&r1=1601183&r2=1601184&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Jun 7 22:53:52 2014
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_ssl: Ensure that the SSL close notify alert is flushed to the client.
+ PR54998. [Tim Kosse <tim.kosse filezilla-project.org>, Yann Ylavic]
+
*) mod_log_config: Add GlobalLog to allow a globally defined log to
be inherited by virtual hosts that define a CustomLog.
[Edward Lu <Chaosed0 gmail.com>]
Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c?rev=1601184&r1=1601183&r2=1601184&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c Sat Jun 7 22:53:52 2014
@@ -125,6 +125,7 @@ int SSL_smart_shutdown(SSL *ssl)
{
int i;
int rc;
+ int flush;
/*
* Repeat the calls, because SSL_shutdown internally dispatches through a
@@ -134,8 +135,17 @@ int SSL_smart_shutdown(SSL *ssl)
* connection and OpenSSL cannot recognize it.
*/
rc = 0;
+ flush = !(SSL_get_shutdown(ssl) & SSL_SENT_SHUTDOWN);
for (i = 0; i < 4 /* max 2x pending + 2x data = 4 */; i++) {
- if ((rc = SSL_shutdown(ssl)))
+ rc = SSL_shutdown(ssl);
+ if (rc >= 0 && flush && (SSL_get_shutdown(ssl) & SSL_SENT_SHUTDOWN)) {
+ /* Once the close notity is sent through the output filters,
+ * ensure it is flushed through the socket.
+ */
+ BIO_flush(ssl->wbio);
+ flush = 0;
+ }
+ if (rc != 0)
break;
}
return rc;