It is safe to treat this as a non-error if you are using SSL version 3 or
higher, but not if you connected with SSL version 2. So do not use SSL v2.
Sending an SSL_shutdown() is the safe way to close the connection, but it
may have performace implications because of the rules OpenSSL uses for
managing session resumption. See the documentation for SSL_set_shutdown()
(http://www.openssl.org/docs/ssl/SSL_set_shutdown.html#) for some hints of
what to do.
_____________________________________
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_____________________________________
----- Original Message -----
From: "Shaw, George" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, April 18, 2001 12:38 PM
Subject: Closing SSL connections
> Hi,
>
> I'm working with an HTTP application, and according to the RFC when
sending
> the HTTP response it is permissible to signal the end of the response by
> closing the socket (rather than using the Content-Length header).
>
> When implementing the HTTP client using SSL, SSL_read will return
> SSL_ERROR_ZERO_RETURN. Is it safe to treat this as a non-error. i.e.
there
> are no other circumstances in which this return code will signal a true
> error?
>
> When implementing the HTTP server using SSL, is it safe to issue an
> SSL_shutdown and a socket disconnect while the client is listening?
>
> Thanks,
>
> G.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
