Re: Bugreport: SSL connection terminated without SSL shutdown

[Alexander V. Lukyanov]

On Fri, Sep 05, 2008 at 07:46:35PM +0200, Andreas Prieß wrote:
> DEBUG: Client "87.178.121.68", "Connection terminated without SSL
> shutdown - buggy client?"

Could you try attached patch, please?

--
   Alexander.

Index: buffer_ssl.cc
===================================================================
RCS file: /home/lav/cvsroot/lftp/src/buffer_ssl.cc,v
retrieving revision 1.13
diff -u -p -r1.13 buffer_ssl.cc
--- buffer_ssl.cc       2 Aug 2007 11:27:59 -0000       1.13
+++ buffer_ssl.cc       20 Sep 2008 09:49:55 -0000
@@ -112,4 +112,14 @@ int IOBufferSSL::Put_LL(const char *buf,
    return res;
 }
 
+int IOBufferSSL::PutEOF_LL()
+{
+   ssl->shutdown();
+   return 0;
+}
+
+IOBufferSSL::~IOBufferSSL()
+{
+}
+
 #endif // USE_SSL
Index: buffer_ssl.h
===================================================================
RCS file: /home/lav/cvsroot/lftp/src/buffer_ssl.h,v
retrieving revision 1.8
diff -u -p -r1.8 buffer_ssl.h
--- buffer_ssl.h        16 May 2007 08:07:34 -0000      1.8
+++ buffer_ssl.h        12 Sep 2008 12:49:46 -0000
@@ -34,10 +34,12 @@ class IOBufferSSL : public IOBuffer
 
    int Get_LL(int size);
    int Put_LL(const char *buf,int size);
+   int PutEOF_LL();
 
 public:
    IOBufferSSL(lftp_ssl *s,dir_t m) : IOBuffer(m), my_ssl(s), ssl(my_ssl) {}
    IOBufferSSL(const Ref<lftp_ssl>& s,dir_t m) : IOBuffer(m), ssl(s) {}
+   ~IOBufferSSL();
    int Do();
    bool Done() { return IOBuffer::Done() && ssl->handshake_done; }
 };
Index: lftp_ssl.cc
===================================================================
RCS file: /home/lav/cvsroot/lftp/src/lftp_ssl.cc,v
retrieving revision 1.33
diff -u -p -r1.33 lftp_ssl.cc
--- lftp_ssl.cc 12 Sep 2007 05:38:25 -0000      1.33
+++ lftp_ssl.cc 12 Sep 2008 12:52:25 -0000
@@ -293,12 +293,13 @@ void lftp_ssl_gnutls::load_keys()
    }
    gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred);
 }
-lftp_ssl_gnutls::~lftp_ssl_gnutls()
+void lftp_ssl_gnutls::shutdown()
 {
-#if 0
    if(handshake_done)
       gnutls_bye(session,GNUTLS_SHUT_RDWR);  // FIXME - E_AGAIN
-#endif
+}
+lftp_ssl_gnutls::~lftp_ssl_gnutls()
+{
    if(cred)
       gnutls_certificate_free_credentials(cred);
    gnutls_deinit(session);
@@ -831,12 +832,13 @@ void lftp_ssl_openssl::load_keys()
       }
    }
 }
-lftp_ssl_openssl::~lftp_ssl_openssl()
+void lftp_ssl_openssl::shutdown()
 {
-#if 0
    if(handshake_done)
       SSL_shutdown(ssl);
-#endif
+}
+lftp_ssl_openssl::~lftp_ssl_openssl()
+{
    SSL_free(ssl);
 }
 
Index: lftp_ssl.h
===================================================================
RCS file: /home/lav/cvsroot/lftp/src/lftp_ssl.h,v
retrieving revision 1.21
diff -u -p -r1.21 lftp_ssl.h
--- lftp_ssl.h  11 Apr 2007 05:00:17 -0000      1.21
+++ lftp_ssl.h  12 Sep 2008 12:50:59 -0000
@@ -107,6 +107,7 @@ public:
    bool want_out();
    void copy_sid(const lftp_ssl_gnutls *);
    void load_keys();
+   void shutdown();
 };
 typedef lftp_ssl_gnutls lftp_ssl;
 #elif USE_OPENSSL
@@ -140,6 +141,7 @@ public:
    bool want_out();
    void copy_sid(const lftp_ssl_openssl *);
    void load_keys();
+   void shutdown();
 };
 typedef lftp_ssl_openssl lftp_ssl;
 #endif