nahi	2011-06-24 16:01:52 +0900 (Fri, 24 Jun 2011)

  New Revision: 32219

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=32219

  Log:
    * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): Try to shutdown SSL 
      connection more gracefully. Call SSL_shutdown() max 4 times until it  
      returns 1 (success). Bi-directional SSL close has several states but
      SSL_shutdown() kicks only 1 transition per call. Max 4 is from
      mod_ssl.c of Apache httpd that says 'max 2x pending * 2x data = 4'.
      See #4237.

  Modified files:
    trunk/ChangeLog
    trunk/ext/openssl/ossl_ssl.c

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 32218)
+++ ChangeLog	(revision 32219)
@@ -1,3 +1,12 @@
+Fri Jun 24 15:54:14 2011  Hiroshi Nakamura  <nahi@r...>
+
+	* ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): Try to shutdown SSL
+	  connection more gracefully. Call SSL_shutdown() max 4 times until it
+	  returns 1 (success). Bi-directional SSL close has several states but
+	  SSL_shutdown() kicks only 1 transition per call. Max 4 is from
+	  mod_ssl.c of Apache httpd that says 'max 2x pending * 2x data = 4'.
+	  See #4237.
+
 Fri Jun 24 07:24:37 2011  Eric Hodel  <drbrain@s...>
 
 	* lib/rake/version.rb:  Fixed VERSION to work with tool/rbinstall.rb
Index: ext/openssl/ossl_ssl.c
===================================================================
--- ext/openssl/ossl_ssl.c	(revision 32218)
+++ ext/openssl/ossl_ssl.c	(revision 32219)
@@ -970,8 +970,19 @@
 static void
 ossl_ssl_shutdown(SSL *ssl)
 {
+    int i, rc;
+
     if (ssl) {
-	SSL_shutdown(ssl);
+	/* 4 is from SSL_smart_shutdown() of mod_ssl.c (v2.2.19) */
+	/* It says max 2x pending + 2x data = 4 */
+	for (i = 0; i < 4; ++i) {
+	    /*
+	     * Ignore the case SSL_shutdown returns -1. Empty handshake_func
+	     * must not happen.
+	     */
+	    if (rc = SSL_shutdown(ssl))
+		break;
+	}
         SSL_clear(ssl);
     }
 }

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/