handling SSL_ERROR_ZERO_RETURN from SSL_read

[Amit Ben Shahar]

Hi,

The documentation specifies that SSL_ERROR_ZERO_RETURN is returned if
the transport layer is closed normally.
My question is, how should i handle this return code?
specifically should i call SSL_free normally to free resources, or are
resources already freed?

Thanks,

Amit Ben Shahar
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

[David Schwartz]

Amit Ben Shahar wrote:

> Hi,
>
> The documentation specifies that SSL_ERROR_ZERO_RETURN is returned if
> the transport layer is closed normally.
> My question is, how should i handle this return code?
> specifically should i call SSL_free normally to free resources, or are
> resources already freed?

Handle it the same way you would handle 'read' returning zero. Resources
cannot already be freed because if they were, a subsequent call to, say,
SSL_write would cause the program to crash.

DS

[Darryl Miles]

Amit Ben Shahar wrote:
> The documentation specifies that SSL_ERROR_ZERO_RETURN is returned if
> the transport layer is closed normally.
> My question is, how should i handle this return code?
> specifically should i call SSL_free normally to free resources, or are
> resources already freed?

Yes you need to call SSL_free() to release the (SSL *) handle.

You may need to free/release other OpenSSL objects you created that were
also used in relation to the (SSL *) handle.

Unfortunately things get a big vague as man page documentation often
doesn't clearly indicate which API calls transfer ownership (and
therefore responsibly to release/free) to the callee from the caller
(usually your application code).

Darryl

[Amit Ben Shahar]

Assuming i'm only using SSL_set_bio to assign a BIO to the SSL object
(all other calls are read/write), will the SSL_free suffice?

Amit