stream-ssl: Try to shut SSL connections down gracefully.

author Ben Pfaff <blp@nicira.com>

Thu, 7 Jan 2010 21:57:53 +0000 (13:57 -0800)

committer Ben Pfaff <blp@nicira.com>

Thu, 7 Jan 2010 23:00:51 +0000 (15:00 -0800)
author Ben Pfaff <blp@nicira.com>
Thu, 7 Jan 2010 21:57:53 +0000 (13:57 -0800)
committer Ben Pfaff <blp@nicira.com>
Thu, 7 Jan 2010 23:00:51 +0000 (15:00 -0800)
diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c

index 11bbf4adae73460427c7a6272ad5ecf2b31a6e6c..436dc7b265a389915506c8309db1ffc566948e3e 100644 (file)
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -437,6 +437,14 @@ ssl_close(struct stream *stream)
  {
      struct ssl_stream *sslv = ssl_stream_cast(stream);
      ssl_clear_txbuf(sslv);
+
+    /* Attempt clean shutdown of the SSL connection.  This will work most of
+     * the time, as long as the kernel send buffer has some free space and the
+     * SSL connection isn't renegotiating, etc.  That has to be good enough,
+     * since we don't have any way to continue the close operation in the
+     * background. */
+    SSL_shutdown(sslv->ssl);
+
      SSL_free(sslv->ssl);
      close(sslv->fd);
      free(sslv);
author	Ben Pfaff <blp@nicira.com>
	Thu, 7 Jan 2010 21:57:53 +0000 (13:57 -0800)
committer	Ben Pfaff <blp@nicira.com>
	Thu, 7 Jan 2010 23:00:51 +0000 (15:00 -0800)