BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w.

In ha_ssl_write() and ha_ssl_read(), don't pretend we can retry a read/write
if we got a shutr/shutw, or we will never properly shutdown the connection.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 015943ee61c7990ca61005adcf4034c76d06e473..b26c4fd9d6e7937850485e05f9f21747be027621 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -271,10 +271,11 @@ static int ha_ssl_write(BIO *h, const char *buf, int num)
        tmpbuf.data = num;
        tmpbuf.head = 0;
        ret = ctx->xprt->snd_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, num, 0);
-       if (ret == 0 && !(ctx->conn->flags & CO_FL_ERROR)) {
+       if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_WR_SH))) {
                BIO_set_retry_write(h);
                ret = -1;
-       }
+       } else if (ret == 0)
+                BIO_clear_retry_flags(h);
        return ret;
 }
 
@@ -306,10 +307,11 @@ static int ha_ssl_read(BIO *h, char *buf, int size)
        tmpbuf.data = 0;
        tmpbuf.head = 0;
        ret = ctx->xprt->rcv_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, size, 0);
-       if (ret == 0 && !(ctx->conn->flags & CO_FL_ERROR)) {
+       if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH))) {
                BIO_set_retry_read(h);
                ret = -1;
-       }
+       } else if (ret == 0)
+               BIO_clear_retry_flags(h);
 
        return ret;
 }