tls: ssl close only after all data drained

author Florin Coras <fcoras@cisco.com>

Mon, 10 Jan 2022 17:15:41 +0000 (09:15 -0800)

committer Dave Barach <openvpp@barachs.net>

Tue, 11 Jan 2022 17:05:18 +0000 (17:05 +0000)
author Florin Coras <fcoras@cisco.com>
Mon, 10 Jan 2022 17:15:41 +0000 (09:15 -0800)
committer Dave Barach <openvpp@barachs.net>
Tue, 11 Jan 2022 17:05:18 +0000 (17:05 +0000)
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c

index add6d7e..ac85299 100644 (file)
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
@@ -363,6 +363,8 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session)
  static void
  openssl_confirm_app_close (tls_ctx_t * ctx)
  {
+  openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
+  SSL_shutdown (oc->ssl);
    tls_disconnect_transport (ctx);
    session_transport_closed_notify (&ctx->connection);
  }
@@ -931,8 +933,6 @@ openssl_app_close (tls_ctx_t * ctx)
    openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
    session_t *app_session;
  
-  SSL_shutdown (oc->ssl);
-
    /* Wait for all data to be written to tcp */
    app_session = session_get_from_handle (ctx->app_session_handle);
    if (BIO_ctrl_pending (oc->rbio) <= 0
author	Florin Coras <fcoras@cisco.com>
	Mon, 10 Jan 2022 17:15:41 +0000 (09:15 -0800)
committer	Dave Barach <openvpp@barachs.net>
	Tue, 11 Jan 2022 17:05:18 +0000 (17:05 +0000)