authorJoel Sing <jsing@cvs.openbsd.org>2024-01-30 14:50:51 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2024-01-30 14:50:51 +0000
commit6c1cd3a9f8eebb8c317dbb75afb0e59c5e543938 (patch)
tree71c34db25f6aa8ef6e9a0a03cca8b98c1f2a0b04 /lib
parent4581556e5a9f72eb5c1a9358bd442e2eec889497 (diff)
Restore SSL_shutdown() two step sequence.
Change SSL_shutdown() such that it will return 0 after sending a close-notify, before potentially returning 1 (indicating that a close-notify has been sent and received) on a subsequent call. Some software depends on this behaviour, even though there are cases where the first call could immediately return 1 (for example, when the peer has already sent a close-notify prior to SSL_shutdown() being called). ok tb@
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/tls13_legacy.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index e5b451cb68b..6c33eccc61a 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.43 2024/01/27 14:34:28 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.44 2024/01/30 14:50:50 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -501,6 +501,7 @@ tls13_legacy_shutdown(SSL *ssl)
return -1;
if (ret != TLS13_IO_SUCCESS)
return tls13_legacy_return_code(ssl, ret);
+ goto done;
}
ret = tls13_record_layer_send_pending(ctx->rl);
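Review bot: The added `goto done;` in tls13_legacy_shutdown() carries no comment explaining why a successful close-notify send now skips the `tls13_record_layer_send_pending()` path below it; the reason is recorded only in the commit message. I would put a short comment above it, for example `/* Close-notify sent: return now so callers see the 0-then-1 sequence. */`. The jump lands on the `ssl->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)` test at the `done:` label added in the third hunk, so the first call presumably still returns 1 when the peer's close-notify was already recorded, and the comment should say so. It is also worth noting there that a return of 0 means only that our close-notify went out, so a caller that needs to rule out truncation by the peer has to call again and see 1. The function body starts and ends outside these hunks, so the flag handling before the send is not visible here.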
@@ -524,6 +525,7 @@ tls13_legacy_shutdown(SSL *ssl)
}
}
+ done:
if (ssl->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
return 1;