From dec661c81cb0bc55e089b67112ab995eeba350eb Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 13:11:58 +0200 Subject: [PATCH] wolfssl: fix error check in shutdown When trying to send the TLS shutdown, use the return code to check for the cause. Reported in Joshua's sarif data Closes #18729 --- lib/vtls/wolfssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 0cf6e0e4a5..ed02435676 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1921,7 +1921,8 @@ static CURLcode wssl_shutdown(struct Curl_cfilter *cf, * was not complete, we are lacking the close notify from the server. */ if(send_shutdown) { wolfSSL_ERR_clear_error(); - if(wolfSSL_shutdown(wctx->ssl) == 1) { + nread = wolfSSL_shutdown(wctx->ssl); + if(nread == 1) { CURL_TRC_CF(data, cf, "SSL shutdown finished"); *done = TRUE; goto out; -- 2.47.3