From: hno <>
Date: Fri, 18 Mar 2005 22:17:17 +0000 (+0000)
Subject: From ssl-2.5 branch 2003/10/27 16:56:30
X-Git-Tag: SQUID_3_0_PRE4~843
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a9d79803daf473947d79fd45d67b77f028e23ead;p=thirdparty%2Fsquid.git

From ssl-2.5 branch 2003/10/27 16:56:30

Cleaner unclean SSL shutdown implementation
---

diff --git a/src/fde.h b/src/fde.h
index 6cf981b43b..c666a4c0f6 100644
--- a/src/fde.h
+++ b/src/fde.h
@@ -1,6 +1,6 @@
 
 /*
- * $Id: fde.h,v 1.6 2003/11/09 17:11:11 hno Exp $
+ * $Id: fde.h,v 1.7 2005/03/18 15:17:17 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -120,9 +120,6 @@ unsigned int write_pending:
 #if USE_SSL
 
     SSL *ssl;
-
-int ssl_shutdown:
-    1;
 #endif
 };
 
diff --git a/src/ssl_support.cc b/src/ssl_support.cc
index 72b3a26b60..852cbe111b 100644
--- a/src/ssl_support.cc
+++ b/src/ssl_support.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: ssl_support.cc,v 1.21 2005/03/18 14:43:33 hno Exp $
+ * $Id: ssl_support.cc,v 1.22 2005/03/18 15:17:17 hno Exp $
  *
  * AUTHOR: Benno Rice
  * DEBUG: section 83    SSL accelerator support
@@ -500,6 +500,12 @@ sslCreateServerContext(const char *certfile, const char *keyfile, int version, c
 
     SSL_CTX_set_options(sslContext, ssl_parse_options(options));
 
+    if (Config.SSL.unclean_shutdown) {
+        debug(83, 5) ("Enabling quiet SSL shutdowns (RFC violation).\n");
+
+        SSL_CTX_set_quiet_shutdown(sslContext, 1);
+    }
+
     if (cipher) {
         debug(83, 5) ("Using chiper suite %s.\n", cipher);
 
@@ -756,15 +762,6 @@ ssl_shutdown_method(int fd)
 {
     SSL *ssl = fd_table[fd].ssl;
 
-    if (!fd_table[fd].ssl_shutdown) {
-        fd_table[fd].ssl_shutdown = 1;
-
-        if (Config.SSL.unclean_shutdown)
-            SSL_set_shutdown(ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-        else
-            SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
-    }
-
     SSL_shutdown(ssl);
 }