Add ssl_close_notify() to servers that missed it
This commit is contained in:
parent
00d538f8f9
commit
6b0d268bc9
5 changed files with 50 additions and 6 deletions
|
@ -4,6 +4,7 @@ PolarSSL ChangeLog (Sorted per branch, date)
|
|||
|
||||
Bugfix
|
||||
* The length of various ClientKeyExchange messages was not properly checked.
|
||||
* Some example server programs were not sending the close_notify alert.
|
||||
|
||||
= PolarSSL 1.3.5 released on 2014-03-26
|
||||
Features
|
||||
|
|
|
@ -1002,6 +1002,7 @@ send_request:
|
|||
if( ret == 0 )
|
||||
{
|
||||
printf("\n\nEOF\n\n");
|
||||
ssl_close_notify( &ssl );
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -1010,12 +1011,12 @@ send_request:
|
|||
}
|
||||
while( 1 );
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
|
||||
if( opt.reconnect != 0 )
|
||||
{
|
||||
--opt.reconnect;
|
||||
|
||||
net_close( server_fd );
|
||||
|
||||
#if defined(POLARSSL_TIMING_C)
|
||||
if( opt.reco_delay > 0 )
|
||||
m_sleep( 1000 * opt.reco_delay );
|
||||
|
@ -1055,6 +1056,8 @@ send_request:
|
|||
}
|
||||
|
||||
exit:
|
||||
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
ret = 0;
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
if( ret != 0 )
|
||||
|
@ -1062,9 +1065,6 @@ exit:
|
|||
char error_buf[100];
|
||||
polarssl_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: -0x%X - %s\n\n", -ret, error_buf );
|
||||
|
||||
if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
|
@ -270,6 +270,21 @@ static void *handle_ssl_connection( void *data )
|
|||
printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n",
|
||||
thread_id, len, (char *) buf );
|
||||
|
||||
printf( " [ #%d ] . Closing the connection...", thread_id );
|
||||
|
||||
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ &&
|
||||
ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
printf( " [ #%d ] failed: ssl_close_notify returned -0x%04x\n",
|
||||
thread_id, ret );
|
||||
goto thread_exit;
|
||||
}
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
|
||||
ret = 0;
|
||||
|
||||
thread_exit:
|
||||
|
|
|
@ -323,7 +323,21 @@ reset:
|
|||
|
||||
len = ret;
|
||||
printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
|
||||
|
||||
printf( " . Closing the connection..." );
|
||||
|
||||
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ &&
|
||||
ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
|
||||
goto reset;
|
||||
}
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
|
||||
ret = 0;
|
||||
goto reset;
|
||||
|
||||
|
|
|
@ -1261,6 +1261,20 @@ reset:
|
|||
printf( " ok\n" );
|
||||
}
|
||||
|
||||
printf( " . Closing the connection..." );
|
||||
|
||||
while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
|
||||
{
|
||||
if( ret != POLARSSL_ERR_NET_WANT_READ &&
|
||||
ret != POLARSSL_ERR_NET_WANT_WRITE )
|
||||
{
|
||||
printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
|
||||
goto reset;
|
||||
}
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
|
||||
ret = 0;
|
||||
goto reset;
|
||||
|
||||
|
|
Loading…
Reference in a new issue