*** sx/ssl.c.orig Mon May 31 23:31:06 2004 --- sx/ssl.c Thu Sep 9 11:36:52 2004 *************** *** 347,353 **** _sx_buffer_alloc_margin(buf, 0, pending); ret = SSL_read(sc->ssl, &(buf->data[buf->len]), pending); ! if(ret <= 0) { err = SSL_get_error(sc->ssl, ret); /* ssl block incomplete, need more */ --- 347,388 ---- _sx_buffer_alloc_margin(buf, 0, pending); ret = SSL_read(sc->ssl, &(buf->data[buf->len]), pending); ! ! if (ret == 0) ! { ! /* ret will equal zero if the SSL stream was closed. ! (See the SSL_read manpage.) */ ! ! /* If the SSL Shutdown happened properly, ! (i.e. we got an SSL "close notify") ! then proccess the last packet recieved. */ ! if (SSL_get_shutdown(sc->ssl) == SSL_RECEIVED_SHUTDOWN) ! { ! _sx_close(s); ! break; ! } ! ! /* If the SSL stream was just closed and not shutdown, ! drop the last packet recieved. ! WARNING: This may cause clients that use SSLv2 and ! earlier to not log out properly. */ ! ! err = SSL_get_error(sc->ssl, ret); ! ! _sx_buffer_clear(buf); ! ! ! if(err == SSL_ERROR_ZERO_RETURN) { ! /* ssl channel closed, we're done */ ! _sx_close(s); ! } ! ! return -1; ! } ! else if(ret < 0) { ! /* ret will be negative if the SSL stream needs ! more data, or if there was a SSL error. ! (See the SSL_read manpage.) */ err = SSL_get_error(sc->ssl, ret); /* ssl block incomplete, need more */ *************** *** 360,370 **** /* something's wrong */ _sx_buffer_clear(buf); - if(err == SSL_ERROR_ZERO_RETURN) { - /* ssl channel closed, we're done */ - _sx_close(s); - return -1; - } /* !!! need checks for renegotiation */ --- 395,400 ----