From fc624b8cb4c3312d7450dfa86adfa3fe8dd9cbeb Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 11 Jan 2022 14:50:09 +0000 Subject: Ensure server tls close alert not delayed --- src/src/tls-gnu.c | 5 +++++ src/src/tls-openssl.c | 3 +++ 2 files changed, 8 insertions(+) diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 53635acae..3adadb80b 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -3731,6 +3731,11 @@ if (do_shutdown) tls_write(ct_ctx, NULL, 0, FALSE); /* flush write buffer */ +#ifdef EXIM_TCP_CORK + if (do_shutdown > 1) + (void) setsockopt(tlsp->active.sock, IPPROTO_TCP, EXIM_TCP_CORK, US &off, sizeof(off)); +#endif + ALARM(2); gnutls_bye(state->session, do_shutdown > 1 ? GNUTLS_SHUT_RDWR : GNUTLS_SHUT_WR); ALARM_CLR(0); diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 5130455fe..576f62ba6 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -4516,6 +4516,9 @@ if (do_shutdown) if ( (rc = SSL_shutdown(*sslp)) == 0 /* send "close notify" alert */ && do_shutdown > 1) { +#ifdef EXIM_TCP_CORK + (void) setsockopt(*fdp, IPPROTO_TCP, EXIM_TCP_CORK, US &off, sizeof(off)); +#endif ALARM(2); rc = SSL_shutdown(*sslp); /* wait for response */ ALARM_CLR(0); -- cgit v1.2.3