From 35e43a1051a7a822e0e7f8898100bfa85e2325c2 Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@apache.org>
Date: Mon, 7 Apr 2008 16:03:49 +0000
Subject: [PATCH] Clean up some more error handling in mod_ssl:

* modules/ssl/ssl_engine_io.c (ssl_filter_io_shutdown): Remove
  redundant return value (which was always success).
  (ssl_io_filter_handshake): Return APR_ECONNABORTED on handshake
  failure, rather than success.
  (ssl_io_filter_output): Ignore ssl_filter_io_shutdown return
  value.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645584 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ssl/ssl_engine_io.c | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index c5a1ca4f5d..9941387d58 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -905,9 +905,8 @@ static const char ssl_io_buffer[] = "SSL/TLS Buffer";
  *  (called immediately _before_ the socket is closed)
  *  or called with
  */
-static apr_status_t ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx,
-                                           conn_rec *c,
-                                           int abortive)
+static void ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx,
+                                   conn_rec *c, int abortive)
 {
     SSL *ssl = filter_ctx->pssl;
     const char *type = "";
@@ -915,7 +914,7 @@ static apr_status_t ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx,
     int shutdown_type;
 
     if (!ssl) {
-        return APR_SUCCESS;
+        return;
     }
 
     /*
@@ -1007,8 +1006,6 @@ static apr_status_t ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx,
         /* prevent any further I/O */
         c->aborted = 1;
     }
-
-    return APR_SUCCESS;
 }
 
 static apr_status_t ssl_io_filter_cleanup(void *data)
@@ -1119,7 +1116,8 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
             inctx->rc = APR_EGENERAL;
         }
 
-        return ssl_filter_io_shutdown(filter_ctx, c, 1);
+        ssl_filter_io_shutdown(filter_ctx, c, 1);
+        return inctx->rc;
     }
 
     /*
@@ -1158,7 +1156,8 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
                          error ? error : "unknown");
             ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
 
-            return ssl_filter_io_shutdown(filter_ctx, c, 1);
+            ssl_filter_io_shutdown(filter_ctx, c, 1);
+            return APR_ECONNABORTED;
         }
     }
 
@@ -1183,7 +1182,8 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
         ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
                       "No acceptable peer certificate available");
 
-        return ssl_filter_io_shutdown(filter_ctx, c, 1);
+        ssl_filter_io_shutdown(filter_ctx, c, 1);
+        return APR_ECONNABORTED;
     }
 
     return APR_SUCCESS;
@@ -1342,11 +1342,7 @@ static apr_status_t ssl_io_filter_output(ap_filter_t *f,
              * - issue the SSL_shutdown
              */
             filter_ctx->nobuffer = 1;
-            status = ssl_filter_io_shutdown(filter_ctx, f->c, 0);
-            if (status != APR_SUCCESS) {
-                ap_log_cerror(APLOG_MARK, APLOG_INFO, status, f->c,
-                              "SSL filter error shutting down I/O");
-            }
+            ssl_filter_io_shutdown(filter_ctx, f->c, 0);
             if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) {
                 return status;
             }
-- 
2.40.0