Explicitly shut the socket down in s_client

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5072)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-01-13 18:41:08 +0100
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-01-14 18:17:39 +0100
commit: 26ec943e020c0db6a25e6d155ba318270eff0fd7 (patch)
tree: 405aef861fa23005451e3fc086df0f8c59250b6f /apps/s_client.c
parent: 438e57a43f096d37bf316869b98780e24596a5e8 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index fcab44cb56..a549304b34 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3035,6 +3035,17 @@ int s_client_main(int argc, char **argv)
      */
     Sleep(50);
 #endif
+    /*
+     * If we ended with an alert being sent, but still with data in the
+     * network buffer to be read, then calling BIO_closesocket() will
+     * result in a TCP-RST being sent. On some platforms (notably
+     * Windows) then this will result in the peer immediately abandoning
+     * the connection including any buffered alert data before it has
+     * had a chance to be read. Shutting down the sending side first,
+     * and then closing the socket sends TCP-FIN first followed by
+     * TCP-RST. This seems to allow the peer to read the alert data.
+     */
+    shutdown(SSL_get_fd(con), 1); /* SHUT_WR */
     BIO_closesocket(SSL_get_fd(con));
  end:
     if (con != NULL) {
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-01-13 18:41:08 +0100
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-01-14 18:17:39 +0100
commit	26ec943e020c0db6a25e6d155ba318270eff0fd7 (patch)
tree	405aef861fa23005451e3fc086df0f8c59250b6f /apps/s_client.c
parent	438e57a43f096d37bf316869b98780e24596a5e8 (diff)