From 86792a6cf3fb088e1e1f8ae7286e01196b172eec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 23 Oct 2014 15:02:45 +0200
Subject: [PATCH] Fix ssl_close_notify() with non-blocking I/O
---
 ChangeLog | 2 ++
 library/ssl_tls.c | 9 +++------
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index dd1a3c5d1..b951c9a49 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@ Security
 Bugfix
 * Fix potential bad read in parsing ServerHello (found by Adrien Vialletelle).
+ * ssl_close_notify() could send more than one message in some circumstances
+ with non-blocking I/O.
 Changes
 * X.509 certificates with more than one AttributeTypeAndValue per
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 103dc1f6b..d8eddd935 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4018,11 +4018,8 @@ int ssl_close_notify( ssl_context *ssl )
 SSL_DEBUG_MSG( 2, ( "=> write close notify" ) );
- if( ( ret = ssl_flush_output( ssl ) ) != 0 )
- {
- SSL_DEBUG_RET( 1, "ssl_flush_output", ret );
- return( ret );
- }
+ if( ssl->out_left != 0 )
+ return( ssl_flush_output( ssl ) );
 if( ssl->state == SSL_HANDSHAKE_OVER )
 {
@@ -4036,7 +4033,7 @@ int ssl_close_notify( ssl_context *ssl )
 SSL_DEBUG_MSG( 2, ( "<= write close notify" ) );
- return( ret );
+ return( 0 );
 }
 void ssl_transform_free( ssl_transform *transform )
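Review bot: The new early return `if( ssl->out_left != 0 ) return( ssl_flush_output( ssl ) );` in the first ssl_tls.c hunk cannot tell whether the pending bytes are the close_notify queued by an earlier call or another record left over from a partial write, so a successful flush returns 0 even if no alert was ever queued. Whether that second case is reachable depends on callers outside this hunk, but if it is, the peer sees the connection end without close_notify and cannot distinguish an orderly shutdown from truncation. I would at least document the contract above the check, e.g. `/* out_left != 0: finish the pending record first; a 0 return here does not guarantee the alert was sent */`, and consider recording that the alert has been queued so a retry can tell the two cases apart. The early return also drops the `SSL_DEBUG_RET` trace on flush failure and skips the `<= write close notify` message, which makes a failed shutdown harder to see in debug logs. The function body starts above this hunk and continues through the next one, where the final `return( 0 )` is set.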