From: Madhusudan Mathihalli Date: Sat, 28 Feb 2004 00:45:26 +0000 (+0000) Subject: Send the 'Close Alert' message to the peer upon closing a SSL session. This X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4afaddaf369d4c44932d37cd300b7b6c96c474f;p=thirdparty%2Fapache%2Fhttpd.git Send the 'Close Alert' message to the peer upon closing a SSL session. This required creating a new EOC (End-Of-Connection) bucket type to notify mod_ssl that the connection is about to be closed. Reviewed by: Joe Orton, Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102793 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/ssl_engine_io.c b/ssl_engine_io.c index 5787c86c311..19f763fb3b4 100644 --- a/ssl_engine_io.c +++ b/ssl_engine_io.c @@ -100,6 +100,7 @@ typedef struct { BIO *pbioWrite; ap_filter_t *pInputFilter; ap_filter_t *pOutputFilter; + int nobuffer; /* non-zero to prevent buffering */ } ssl_filter_ctx_t; typedef struct { @@ -193,7 +194,8 @@ static int bio_filter_out_write(BIO *bio, const char *in, int inl) */ BIO_clear_retry_flags(bio); - if (!outctx->length && (inl + outctx->blen < sizeof(outctx->buffer))) { + if (!outctx->length && (inl + outctx->blen < sizeof(outctx->buffer)) && + !outctx->filter_ctx->nobuffer) { /* the first two SSL_writes (of 1024 and 261 bytes) * need to be in the same packet (vec[0].iov_base) */ @@ -1396,6 +1398,22 @@ static apr_status_t ssl_io_filter_output(ap_filter_t *f, apr_bucket_delete(bucket); } } + else if (AP_BUCKET_IS_EOC(bucket)) { + /* The special "EOC" bucket means a shutdown is needed; + * - turn off buffering in bio_filter_out_write + * - issue the SSL_shutdown + */ + filter_ctx->nobuffer = 1; + status = ssl_filter_io_shutdown(filter_ctx, f->c, 0); + if (status != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_INFO, status, NULL, + "SSL filter error shutting down I/O"); + } + if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) { + return status; + } + break; + } else { /* filter output */ const char *data;