loggen: close connections correctly (4-way termination)

This is important especially when TLS 1.3 is used. > TLSv1.3 sessions are not established during the main handshake. > Instead, after the main handshake is complete, a server may send some > NewSessionTicket messages to the client. If a client sends messages and then closes the connection immediately without reading any NewSessionTickets from the server, the server may not read the messages that were already sent by the client. This issue has been fixed in openssl/openssl#6944, but a full TCP shutdown is still required to make the server read the data. Also: openssl/openssl#6904 Backported from OSE: da03117a89aab7158d9a6db4d275d0358a71323c Signed-off-by: László Várady <laszlo.varady@protonmail.com> Signed-off-by: Attila Szakacs <attila.szakacs@oneidentity.com>
balabit-deps · Jul 28, 2020 · 9539a8b · 9539a8b
1 parent 9161378
commit 9539a8b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/tests/loggen/loggen.c b/tests/loggen/loggen.c
@@ -821,6 +821,7 @@ idle_thread(gpointer st)
   while (!threads_stop)
     g_cond_wait(thread_cond, thread_lock);
   g_mutex_unlock(thread_lock);
+  shutdown(sock, SHUT_RDWR);
   close(sock);
   return NULL;
 error:
@@ -1032,6 +1033,7 @@ active_thread(gpointer st)
   if (active_finished == active_connections)
     g_cond_signal(thread_finished);
   g_mutex_unlock(thread_lock);
+  shutdown(sock, SHUT_RDWR);
   close(sock);
   if (readfrom && readfrom != stdin)
     fclose(readfrom);