cuberite/libevent
1
0
Fork 0
mirror of https://github.com/cuberite/libevent.git synced 2025-09-11 05:14:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

Tweak allow_dirty_shutdown documentation

Browse Source
This commit is contained in:
Nick Mathewson 2011-11-24 12:24:38 -05:00
parent 099d27df2b
commit a44cd2b020
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
include/event2/bufferevent_ssl.h
View File

@ -88,16 +88,20 @@ bufferevent_openssl_socket_new(struct event_base *base,
enum bufferevent_ssl_state state, enum bufferevent_ssl_state state,
int options); int options);
/** Control whether to report dirty SSL shutdowns. /** Control how to report dirty SSL shutdowns.
If the peer closes the TCP connection before closing the SSL channel, the If the peer (or the network, or an attacker) closes the TCP
protocol is SSL >= v3, and allow_dirty_shutdown=0 (default), you will receive connection before closing the SSL channel, and the protocol is SSL >= v3,
BEV_EVENT_ERROR. this is a "dirty" shutdown. If allow_dirty_shutdown is 0 (default),
this is reported as BEV_EVENT_ERROR.
If instead allow_dirty_shutdown=1, you will receive BEV_EVENT_EOF. If instead allow_dirty_shutdown=1, a dirty shutdown is reported as
On the other hand, if the protocol is < SSLv3, you will always receive
BEV_EVENT_EOF. BEV_EVENT_EOF.
(Note that if the protocol is < SSLv3, you will always receive
BEV_EVENT_EOF, since SSL 2 and earlier cannot distinguish a secure
connection close from a dirty one. This is one reason (among many)
not to use SSL 2.)
*/ */
int bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev); int bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev);