From 6c8a2fe247a93403257fe2af76b67180055069b4 Mon Sep 17 00:00:00 2001
From: nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Mon, 25 Jul 2011 04:30:02 +0000
Subject: * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): Avoid randomly
 generated   SSLError from SSLSocket just after invoking SSLSocket#close.  
 OpenSSL's SSL_shutdown could try to send alert packet and it might   set
 SSLerr(global error stack) as the result. It causes the next   SSL read/write
 operation to fail by unrelated reason.

  By design, we're ignoring any error at SSL_shutdown() so we clear
  global error stack after SSL_shutdown is called. See #5039.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32658 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ext/openssl/ossl_ssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'ext/openssl/ossl_ssl.c')

diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 4d878797d4..ed820cd431 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -983,7 +983,8 @@ ossl_ssl_shutdown(SSL *ssl)
 	    if (rc = SSL_shutdown(ssl))
 		break;
 	}
-        SSL_clear(ssl);
+	ERR_clear_error();
+	SSL_clear(ssl);
     }
 }
 
-- 
cgit v1.2.3