... so the BIO_free_all() call later on does not result
in OpenSSL waiting for a shutdown alert.
Prevents temporary hangs like:
#0 0x0000000801d1f8da in _read () from /lib/libc.so.7
#1 0x00000008019aebe6 in __thr_read (fd=59, buf=0x8084ecc43, nbytes=5) at /usr/src/lib/libthr/thread/thr_syscalls.c:418
#2 0x0000000800cafb62 in sock_read (b=0x80459d470, out=0x8084ecc43 "\027\003\003\062m\234o*\370\005\371\v\242\nxX\364\n\r\020\344H=\261?Y\377Y\177\302\034Y!\004\064&H", outl=5) at /usr/src/crypto/openssl/crypto/bio/bss_sock.c:140
#3 0x0000000800db9f34 in BIO_read (b=0x80459d470, out=0x8084ecc43, outl=5) at /usr/src/crypto/openssl/crypto/bio/bio_lib.c:210
#4 0x000000080176a80d in ssl3_read_n (s=0x808515500, n=5, max=5, extend=<optimized out>) at /usr/src/crypto/openssl/ssl/s3_pkt.c:258
#5 0x000000080176b87c in ssl3_get_record (s=0x808515500) at /usr/src/crypto/openssl/ssl/s3_pkt.c:342
#6 ssl3_read_bytes (s=<optimized out>, type=<optimized out>, buf=<optimized out>, len=<optimized out>, peek=0) at /usr/src/crypto/openssl/ssl/s3_pkt.c:1233
#7 0x000000080176e7bb in ssl3_shutdown (s=0x808515500) at /usr/src/crypto/openssl/ssl/s3_lib.c:4396
#8 0x00000008017505b0 in ssl_free (a=0x8085b73f0) at /usr/src/crypto/openssl/ssl/bio_ssl.c:126
#9 0x0000000800dbab7e in BIO_free (a=0x8085b73f0) at /usr/src/crypto/openssl/crypto/bio/bio_lib.c:133
#10 BIO_free_all (bio=0x0) at /usr/src/crypto/openssl/crypto/bio/bio_lib.c:509
#11 0x000000000045b481 in free_server_ssl_structures (csp=0x807720948) at openssl.c:1147
#12 0x000000000045b411 in close_server_ssl_connection (csp=0x807720948) at openssl.c:942
#13 0x0000000000438654 in serve (csp=0x807720948) at jcc.c:4531
#14 0x00000008019ac08c in thread_start (curthread=0x8051fd200) at /usr/src/lib/libthr/thread/thr_create.c:290
#15 0x0000000000000000 in ?? ()
extern void close_server_ssl_connection(struct client_state *csp)
{
struct ssl_attr *ssl_attr = &csp->ssl_server_attr;
+ SSL *ssl;
if (csp->ssl_with_server_is_opened == 0)
{
* Notifying the peer that the connection is being closed.
*/
BIO_ssl_shutdown(ssl_attr->openssl_attr.bio);
+ if (BIO_get_ssl(ssl_attr->openssl_attr.bio, &ssl) != 1)
+ {
+ log_ssl_errors(LOG_LEVEL_ERROR,
+ "BIO_get_ssl() failed in close_server_ssl_connection()");
+ }
+ else
+ {
+ /*
+ * Pretend we received a shutdown alert so
+ * the BIO_free_all() call later on returns
+ * quickly.
+ */
+ SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
+ }
free_server_ssl_structures(csp);
csp->ssl_with_server_is_opened = 0;
}