{
struct ssl_stream *sslv = ssl_stream_cast(stream);
ssl_clear_txbuf(sslv);
+
+ /* Attempt clean shutdown of the SSL connection. This will work most of
+ * the time, as long as the kernel send buffer has some free space and the
+ * SSL connection isn't renegotiating, etc. That has to be good enough,
+ * since we don't have any way to continue the close operation in the
+ * background. */
+ SSL_shutdown(sslv->ssl);
+
SSL_free(sslv->ssl);
close(sslv->fd);
free(sslv);
if (error == SSL_ERROR_ZERO_RETURN) {
return 0;
} else {
- return interpret_ssl_error("SSL_read", ret, error, &sslv->rx_want);
+ return -interpret_ssl_error("SSL_read", ret, error,
+ &sslv->rx_want);
}
}
}
struct ssl_stream *sslv = ssl_stream_cast(stream);
if (sslv->txbuf) {
- return EAGAIN;
+ return -EAGAIN;
} else {
int error;
switch (error) {
case 0:
ssl_clear_txbuf(sslv);
- return 0;
+ return n;
case EAGAIN:
leak_checker_claim(buffer);
- return 0;
+ return n;
default:
sslv->txbuf = NULL;
- return error;
+ return -error;
}
}
}