Ensure the QUIC TLS SSL object is marked as shutdown

If we shutdown the QUIC connection then we should mark the underlying TLS SSL object as shutdown as well. Otherwise any sessions are considered unusable for resumption. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #21591)
openssl · Aug 2, 2023 · f219abe · f219abe
1 parent 829eec9
commit f219abe
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
@@ -1203,6 +1203,8 @@ int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
     ossl_quic_channel_local_close(ctx.qc->ch,
                                   args != NULL ? args->quic_error_code : 0);
 
+    SSL_set_shutdown(ctx.qc->tls, SSL_SENT_SHUTDOWN);
+
     if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
         quic_unlock(ctx.qc);
         return 1;