{
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
- if (SSL_is_init_finished (oc->ssl) && !ctx->is_passive_close)
- SSL_shutdown (oc->ssl);
+ /* Cleanup ssl ctx unless migrated */
+ if (!ctx->is_migrated)
+ {
+ if (SSL_is_init_finished (oc->ssl) && !ctx->is_passive_close)
+ SSL_shutdown (oc->ssl);
- SSL_free (oc->ssl);
+ SSL_free (oc->ssl);
+ vec_free (ctx->srv_hostname);
#ifdef HAVE_OPENSSL_ASYNC
openssl_evt_free (ctx->evt_index, ctx->c_thread_index);
#endif
- vec_free (ctx->srv_hostname);
+ }
+
pool_put_index (openssl_main.ctx_pool[ctx->c_thread_index],
oc->openssl_ctx_index);
}
check_tls_fifo:
+ if (PREDICT_FALSE (ctx->app_closed && BIO_ctrl_pending (oc->rbio) <= 0))
+ openssl_confirm_app_close (ctx);
+
/* Deschedule and wait for deq notification if fifo is almost full */
enq_buf = clib_min (svm_fifo_size (ts->tx_fifo) / 2, TLSO_MIN_ENQ_SPACE);
if (space < wrote + enq_buf)
{
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
session_t *app_session;
- int read, wrote = 0;
+ int read;
svm_fifo_t *f;
if (PREDICT_FALSE (SSL_in_init (oc->ssl)))
if (read && app_session->session_state >= SESSION_STATE_READY)
tls_notify_app_enqueue (ctx, app_session);
- if (SSL_pending (oc->ssl) > 0)
+ if ((SSL_pending (oc->ssl) > 0) ||
+ svm_fifo_max_dequeue_cons (tls_session->rx_fifo))
tls_add_vpp_q_builtin_rx_evt (tls_session);
- return wrote;
+ return read;
}
static inline int