Merge pull request #175 from jakubkarolczyk/fix_ssl_shutdown

Fix SSL shutdown process to allign with documentation of SSL_shutdown
freeswitch · Sep 22, 2022 · 2a3bf7e · 2a3bf7e
2 parents 4b84300 + e77e70d
commit 2a3bf7e
Showing 1 changed file with 24 additions and 16 deletions.
diff --git a/libsofia-sip-ua/tport/ws.c b/libsofia-sip-ua/tport/ws.c
@@ -778,22 +778,6 @@ void ws_destroy(wsh_t *wsh)
 		wsh->write_buffer_len = 0;
 	}
 
-	if (wsh->ssl) {
-		int code = 0;
-		do {
-			if (code == -1) {
-				int ssl_err = SSL_get_error(wsh->ssl, code);
-				wss_error(wsh, ssl_err, "ws_destroy: SSL_shutdown");
-				break;
-			}
-			code = SSL_shutdown(wsh->ssl);
-		// } while (code == -1 && SSL_get_error(wsh->ssl, code) == SSL_ERROR_WANT_READ);
-		} while (code == -1);
-
-		SSL_free(wsh->ssl);
-		wsh->ssl = NULL;
-	}
-
 	if (wsh->buffer) free(wsh->buffer);
 	if (wsh->bbuffer) free(wsh->bbuffer);
 
@@ -826,6 +810,30 @@ ssize_t ws_close(wsh_t *wsh, int16_t reason)
 
 	restore_socket(wsh->sock);
 
+	if (wsh->ssl) {
+		int code = 0;
+		int ssl_error = 0;
+		const char* buf = "0";
+
+		/* check if no fatal error occurs on connection */
+		code = SSL_write(wsh->ssl, buf, 1);
+		ssl_error = SSL_get_error(wsh->ssl, code);
+
+		if (ssl_error == SSL_ERROR_SYSCALL || ssl_error == SSL_ERROR_SSL) {
+			goto ssl_finish_it;
+		}
+
+		code = SSL_shutdown(wsh->ssl);
+		if (code == 0) {
+			/* need to make sure there is no more data to read */
+			ws_raw_read(wsh, wsh->buffer, 9, WS_BLOCK);
+		}
+
+ssl_finish_it:
+		SSL_free(wsh->ssl);
+		wsh->ssl = NULL;
+	}
+
 	if (wsh->close_sock && wsh->sock != ws_sock_invalid) {
 #ifndef WIN32
 		close(wsh->sock);