}
#endif
assert(Conn_OPTION_ISSET(c, CONN_SSL));
- Conn_OPTION_DEL(c, (CONN_SSL_CONNECT|CONN_SSL|CONN_SSL_WANT_WRITE));
+ /* can't just set bitmask to 0 -- there are other, non-ssl related flags, e.g. CONN_ZIP. */
+ Conn_OPTION_DEL(c, CONN_SSL_FLAGS_ALL);
}
Conn_OPTION_ADD(c, CONN_SSL_WANT_WRITE); /* fall through */
case SSL_ERROR_NONE:
return 0; /* try again later */
- case SSL_ERROR_ZERO_RETURN: /* TLS/SSL Connection was shut down */
- LogOpenSSLError("TLS/SSL Connection shutdown", fname);
+ case SSL_ERROR_ZERO_RETURN:
+ LogDebug("TLS/SSL connection shut down normally");
break;
/*
SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT, SSL_ERROR_WANT_X509_LOOKUP
switch (code) {
case GNUTLS_E_AGAIN:
case GNUTLS_E_INTERRUPTED:
- if (gnutls_record_get_direction(c->ssl_state.gnutls_session)) { /* need write */
- io_event_del(c->sock, IO_WANTREAD);
- Conn_OPTION_ADD(c, CONN_SSL_WANT_WRITE); /* fall through */
- break;
- } else { /* need read */
- io_event_del(c->sock, IO_WANTWRITE);
- Conn_OPTION_ADD(c, CONN_SSL_WANT_READ);
+ if (gnutls_record_get_direction(c->ssl_state.gnutls_session)) {
+ Conn_OPTION_ADD(c, CONN_SSL_WANT_WRITE);
+ io_event_del(c->sock, IO_WANTREAD);
+ } else {
+ Conn_OPTION_ADD(c, CONN_SSL_WANT_READ);
+ io_event_del(c->sock, IO_WANTWRITE);
+ }
break;
- }
default:
assert(code < 0);
if (gnutls_error_is_fatal(code)) {