diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2018-01-13 18:41:08 +0100 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2018-01-14 18:17:39 +0100 |
commit | 26ec943e020c0db6a25e6d155ba318270eff0fd7 (patch) | |
tree | 405aef861fa23005451e3fc086df0f8c59250b6f /apps/s_client.c | |
parent | 438e57a43f096d37bf316869b98780e24596a5e8 (diff) |
Explicitly shut the socket down in s_client
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5072)
Diffstat (limited to 'apps/s_client.c')
-rw-r--r-- | apps/s_client.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index fcab44cb56..a549304b34 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -3035,6 +3035,17 @@ int s_client_main(int argc, char **argv) */ Sleep(50); #endif + /* + * If we ended with an alert being sent, but still with data in the + * network buffer to be read, then calling BIO_closesocket() will + * result in a TCP-RST being sent. On some platforms (notably + * Windows) then this will result in the peer immediately abandoning + * the connection including any buffered alert data before it has + * had a chance to be read. Shutting down the sending side first, + * and then closing the socket sends TCP-FIN first followed by + * TCP-RST. This seems to allow the peer to read the alert data. + */ + shutdown(SSL_get_fd(con), 1); /* SHUT_WR */ BIO_closesocket(SSL_get_fd(con)); end: if (con != NULL) { |