@abh3 commented on this pull request.
OK, this will work but it does slow the connection turnaround because it tries to do a bidirectional shutdown which I don't think is needed. So, while not technically wrong there is a possible improvement and I leave it up to you to decide which way to go.
> @@ -1759,10 +1759,17 @@ void XrdHttpProtocol::Cleanup() {
if (ssl) {
-
- if (SSL_shutdown(ssl) != 1) {
- TRACE(ALL, " SSL_shutdown failed");
- ERR_print_errors(sslbio_err);
+ int ret = SSL_shutdown(ssl);
+ if (ret != 1) {
+ if(ret == 0) {
+ //https://www.openssl.org/docs/man1.0.2/man3/SSL_shutdown.html
+ //Call again SSL_shutdown
+ ret = SSL_shutdown(ssl);
So, tell me why we need a bidirectional shutdown here. From the same documentation "If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to SSL_shutdown() is sufficient." I think the actual problem was that the original code insisted that the return value be one when in fact 1 or 0 was good enough and only -1 should have reported an error. However, a zero return should clear the error stack as a misleading error may have been placed on the stack. Agree?
--
Reply to this email directly or view it on GitHub:
https://github.com/xrootd/xrootd/pull/1968#pullrequestreview-1348887191
You are receiving this because you are subscribed to this thread.
Message ID: <[log in to unmask]>
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
