Commit f2b00cbdf64c794b2ee0862d2b88a783a4a3c0f9

Michael Schubert 2012-12-17T19:35:40

netops: on SSL teardown only send shutdown alert

According to man 3 SSL_shutdown / TLS, "If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to SSL_shutdown() is sufficient." Currently, a unidirectional shutdown is enough, since gitno_ssl_teardown is called by gitno_close only. Do so to avoid further errors (by misbehaving peers for example).

Fixes #1129.

diff --git a/src/netops.c b/src/netops.c
index e2ec0d3..d3441e0 100644
--- a/src/netops.c
+++ b/src/netops.c
@@ -198,10 +198,7 @@ static int gitno_ssl_teardown(gitno_ssl *ssl)
 {
 	int ret;
 
-	do {
-		ret = SSL_shutdown(ssl->ssl);
-	} while (ret == 0);
-
+	ret = SSL_shutdown(ssl->ssl);
 	if (ret < 0)
 		ret = ssl_set_error(ssl, ret);
 	else
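Review bot: the single `ret = SSL_shutdown(ssl->ssl);` call has no comment explaining that a return of 0 is now an accepted outcome, and that is the part a later reader is most likely to "fix" by putting the retry loop back. With the `while (ret == 0)` loop gone, 0 falls through `if (ret < 0)` into the `else` branch, whose body is cut off in the visible hunk, so please confirm that branch treats 0 the same as 1 and does not report it as a failure. The justification (a unidirectional shutdown is sufficient because `gitno_ssl_teardown` is only called from `gitno_close`, which closes the connection anyway) currently lives only in the commit message. A short comment above the call stating that assumption would make it clear that the function must be revisited if it ever gains a caller that keeps the socket open.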