diff options
author | lloyd <[email protected]> | 2012-01-08 18:06:06 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-08 18:06:06 +0000 |
commit | f150c461cbc36aa0d7166115d88bd0fde6d72e80 (patch) | |
tree | 69b8b117c0b584069836f60bbd042d78b5943990 /src/tls/tls_suites.h | |
parent | fb9d993c7922012c359253e0dfeac05621c1c269 (diff) |
If we send the close notify alert, don't reset the reader because the
counterparty might want to send us a matching close notify under the
currently existing key state. New logic is if we send the alert our
writer is reset (we will send nothing more), but leave the reader as
is. The reader will then be reset if and when we get a close notify,
or if the counterparty doesn't send one, we'll just end the connection
normally. This will also deal with the case where there is some
application data queued still in the recv buffer.
Don't close in ~TLS_Channel: applications should do this explicitly
when the application-level protocol is ended. Otherwise we'd send a
close_notify upon, for instance, an uncaught exception unwinding the
stack.
Add an enum for the maximum size of any TLS ciphertext packet
including header. Handy for apps.
If we get a bad alert size report size we got.
Diffstat (limited to 'src/tls/tls_suites.h')
0 files changed, 0 insertions, 0 deletions