From ssl-2.5 branch 2003/10/27 16:56:30

Cleaner unclean SSL shutdown implementation

diff --git a/src/fde.h b/src/fde.h
index 6cf981b43bb53eb930209717f6725a019a2f4b10..c666a4c0f68a71af6c813cf087e1f65ec6932d85 100644 (file)
--- a/src/fde.h
+++ b/src/fde.h
@@ -1,6 +1,6 @@
 
 /*
- * $Id: fde.h,v 1.6 2003/11/09 17:11:11 hno Exp $
+ * $Id: fde.h,v 1.7 2005/03/18 15:17:17 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -120,9 +120,6 @@ unsigned int write_pending:
 #if USE_SSL
 
     SSL *ssl;
-
-int ssl_shutdown:
-    1;
 #endif
 };
 

diff --git a/src/ssl_support.cc b/src/ssl_support.cc
index 72b3a26b60842a155f8d198ed42c0c78267d2508..852cbe111b669eecab381eb77101d261f1071ef4 100644 (file)
--- a/src/ssl_support.cc
+++ b/src/ssl_support.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: ssl_support.cc,v 1.21 2005/03/18 14:43:33 hno Exp $
+ * $Id: ssl_support.cc,v 1.22 2005/03/18 15:17:17 hno Exp $
  *
  * AUTHOR: Benno Rice
  * DEBUG: section 83    SSL accelerator support
@@ -500,6 +500,12 @@ sslCreateServerContext(const char *certfile, const char *keyfile, int version, c
 
     SSL_CTX_set_options(sslContext, ssl_parse_options(options));
 
+    if (Config.SSL.unclean_shutdown) {
+        debug(83, 5) ("Enabling quiet SSL shutdowns (RFC violation).\n");
+
+        SSL_CTX_set_quiet_shutdown(sslContext, 1);
+    }
+
     if (cipher) {
         debug(83, 5) ("Using chiper suite %s.\n", cipher);
 
@@ -756,15 +762,6 @@ ssl_shutdown_method(int fd)
 {
     SSL *ssl = fd_table[fd].ssl;
 
-    if (!fd_table[fd].ssl_shutdown) {
-        fd_table[fd].ssl_shutdown = 1;
-
-        if (Config.SSL.unclean_shutdown)
-            SSL_set_shutdown(ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-        else
-            SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
-    }
-
     SSL_shutdown(ssl);
 }