netops: on SSL teardown only send shutdown alert

According to man 3 SSL_shutdown / TLS, "If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to SSL_shutdown() is sufficient." Currently, an unidirectional shutdown is enough, since gitno_ssl_teardown is called by gitno_close only. Do so to avoid further errors (by misbehaving peers for example). Fixes #1129.
author: Michael Schubert <schu@schu.io> 2012-12-17 22:35:40 +0400
committer: Michael Schubert <schu@schu.io> 2012-12-17 22:46:27 +0400
commit: f2b00cbdf64c794b2ee0862d2b88a783a4a3c0f9 (patch)
tree: e52ee8335175dbc0c3f11870567601f65ff10c60 /src/netops.c
parent: 9c8dbc889320277f9b678704cca86eea769c73e1 (diff)
1 files changed, 1 insertions, 4 deletions
diff --git a/src/netops.c b/src/netops.c
index e2ec0d323..d3441e0ca 100644
--- a/src/netops.c
+++ b/src/netops.c
@@ -198,10 +198,7 @@ static int gitno_ssl_teardown(gitno_ssl *ssl)
 {
 	int ret;
 
-	do {
-		ret = SSL_shutdown(ssl->ssl);
-	} while (ret == 0);
-
+	ret = SSL_shutdown(ssl->ssl);
 	if (ret < 0)
 		ret = ssl_set_error(ssl, ret);
 	else
author	Michael Schubert <schu@schu.io>	2012-12-17 22:35:40 +0400
committer	Michael Schubert <schu@schu.io>	2012-12-17 22:46:27 +0400
commit	f2b00cbdf64c794b2ee0862d2b88a783a4a3c0f9 (patch)
tree	e52ee8335175dbc0c3f11870567601f65ff10c60 /src/netops.c
parent	9c8dbc889320277f9b678704cca86eea769c73e1 (diff)