Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EIdOpenSSLShutdownError with Linux #13

Open
ThomasHorstmann opened this issue Jul 26, 2023 · 0 comments
Open

EIdOpenSSLShutdownError with Linux #13

ThomasHorstmann opened this issue Jul 26, 2023 · 0 comments

Comments

@ThomasHorstmann
Copy link

I am testing OpenSSL with a simple TIdHTTPServer. It delivers only the index.htm and the favicon.ico. I am running two servers in the internet (windows and linux), without special firewalls. So there are a lot of attacks every day. Windows works fine, but sometimes linux crashses with an EIdOpenSSLShutdownError (Failed to shutdown the TLS connection.error:0A000197:SSL routines::shutdown while in init). Maybe because of an attack. This happens in "TIdOpenSSLSocket.Close". I changed the code. Now it seems to run without problems. Is this the correct way?

{ TIdOpenSSLSocket }

procedure TIdOpenSSLSocket.Close;
var
LReturnCode: TIdC_INT;
LSSLErrorCode: TIdC_INT;
begin
if not FDoNotCallShutdown then
begin
LReturnCode := SSL_shutdown(FSSL);
if LReturnCode < 0 then
begin
LSSLErrorCode := SSL_get_error(FSSL, LReturnCode);
if LSSLErrorCode <> SSL_ERROR_ZERO_RETURN then
SSL_set_shutdown(FSSL, SSL_SENT_SHUTDOWN or SSL_RECEIVED_SHUTDOWN); // <- new
// raise EIdOpenSSLShutdownError.Create(FSSL, LReturnCode, RIdOpenSSLShutdownError); // <- old
end;
end
else
SSL_set_shutdown(FSSL, SSL_SENT_SHUTDOWN or SSL_RECEIVED_SHUTDOWN);
end;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ThomasHorstmann