Restore SSL_shutdown() two step sequence.

Change SSL_shutdown() such that it will return 0 after sending a
close-notify, before potentially returning 1 (indicating that a
close-notify has been sent and received) on a subsequent call. Some
software depends on this behaviour, even though there are cases where
the first call could immediately return 1 (for example, when the peer
has already sent a close-notify prior to SSL_shutdown() being called).

ok tb@

1 files changed, 3 insertions, 1 deletions

diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index e5b451cb68..6c33eccc61 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_legacy.c,v 1.43 2024/01/27 14:34:28 jsing Exp $ */
+/*      $OpenBSD: tls13_legacy.c,v 1.44 2024/01/30 14:50:50 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -501,6 +501,7 @@ tls13_legacy_shutdown(SSL *ssl)
                         return -1;
                 if (ret != TLS13_IO_SUCCESS)
                         return tls13_legacy_return_code(ssl, ret);
+                goto done;
         }
 
         ret = tls13_record_layer_send_pending(ctx->rl);
@@ -524,6 +525,7 @@ tls13_legacy_shutdown(SSL *ssl)
                 }
         }
 
+ done:
         if (ssl->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
                 return 1;