From: Stefan Eissing <stefan@eissing.org>
Date: Thu, 25 Sep 2025 11:11:58 +0000 (+0200)
Subject: wolfssl: fix error check in shutdown
X-Git-Tag: rc-8_17_0-1~236
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dec661c81cb0bc55e089b67112ab995eeba350eb;p=thirdparty%2Fcurl.git

wolfssl: fix error check in shutdown

When trying to send the TLS shutdown, use the return code
to check for the cause.

Reported in Joshua's sarif data

Closes #18729
---

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 0cf6e0e4a5..ed02435676 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1921,7 +1921,8 @@ static CURLcode wssl_shutdown(struct Curl_cfilter *cf,
    * was not complete, we are lacking the close notify from the server. */
   if(send_shutdown) {
     wolfSSL_ERR_clear_error();
-    if(wolfSSL_shutdown(wctx->ssl) == 1) {
+    nread = wolfSSL_shutdown(wctx->ssl);
+    if(nread == 1) {
       CURL_TRC_CF(data, cf, "SSL shutdown finished");
       *done = TRUE;
       goto out;