MINOR: ssl: Make sure we don't shutw the connection before the handshake.

Instead of trying to finish the handshake in ssl_sock_shutw, which may fail, try not to shutdown until the handshake is finished.
2025-02-26 07:30:34 +00:00 · 2017-11-16 17:49:25 +01:00 · 2017-11-16 17:49:25 +01:00 · e9bed53486
commit e9bed53486
parent e6060c5d87
2 changed files with 3 additions and 8 deletions
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -5655,13 +5655,6 @@ static void ssl_sock_close(struct connection *conn) {
 */
 static void ssl_sock_shutw(struct connection *conn, int clean)
 {
-	/* If we're done with the connection before we did the handshake
-	 * force the handshake anyway, so that the session is in a consistent
-	 * state
-	 */
-	if (conn->flags & CO_FL_EARLY_SSL_HS)
-		SSL_do_handshake(conn->xprt_ctx);
-
 	if (conn->flags & CO_FL_HANDSHAKE)
 		return;
 	if (!clean)
--- a/src/stream_interface.c
+++ b/src/stream_interface.c
@ -458,8 +458,10 @@ void stream_int_notify(struct stream_interface *si)

 	/* process consumer side */
 	if (channel_is_empty(oc)) {
+		struct connection *conn = objt_cs(si->end) ? objt_cs(si->end)->conn : NULL;
+
 		if (((oc->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW) &&
-		    (si->state == SI_ST_EST))
+		    (si->state == SI_ST_EST) && (!conn || !(conn->flags & (CO_FL_HANDSHAKE | CO_FL_EARLY_SSL_HS))))
 			si_shutw(si);
 		oc->wex = TICK_ETERNITY;
 	}