only terminate the write-half of the TLS connection to avoid hanging if the remote...

RFC5246 section 7.2.4 states that the initiator of the closure need not wait for the remote to response before closing the read-half.

closes #3633

diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
index b86820289d1e75349a7c779be63b51bd91ad9d2b..e619c2d93684bfad299d84d86b6a5988bcea5b54 100644 (file)
--- a/mutt_ssl_gnutls.c
+++ b/mutt_ssl_gnutls.c
@@ -385,7 +385,15 @@ static int tls_socket_close (CONNECTION* conn)
   tlssockdata *data = conn->sockdata;
   if (data)
   {
-    gnutls_bye (data->state, GNUTLS_SHUT_RDWR);
+    /* shut down only the write half to avoid hanging waiting for the remote to respond.
+     *
+     * RFC5246 7.2.1. "Closure Alerts"
+     *
+     * It is not required for the initiator of the close to wait for the
+     * responding close_notify alert before closing the read side of the
+     * connection.
+     */
+    gnutls_bye (data->state, GNUTLS_SHUT_WR);
 
     gnutls_certificate_free_credentials (data->xcred);
     gnutls_deinit (data->state);