From: Simon Ruderich
Date: Tue, 6 Aug 2013 04:15:47 +0000 (+0200)
Subject: Fix test-suite for recent gnutls-serv.
X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=commitdiff_plain;h=5c495b3f7f1e4553c7f8212675b212f2b2a6fdb2
Fix test-suite for recent gnutls-serv.
---
diff --git a/src/connection.c b/src/connection.c
index 170302c..3602842 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -313,7 +313,16 @@ out:
 /* Close TLS sessions if necessary. Use GNUTLS_SHUT_RDWR so the data is
 * reliable transmitted. */
 if (server_session_started) {
- gnutls_bye(server_session, GNUTLS_SHUT_RDWR);
+ /* Recent gnutls-serv (used in the test-suite) won't terminate the
+ * connection when gnutls_bye(session, GNUTLS_SHUT_RDWR) is used
+ * before any other data was received. If the validation failed just
+ * close the connection without waiting for data, we won't read it
+ * anyway.
+ *
+ * For verified connections GNUTLS_SHUT_RDWR is important or we might
+ * lose data. */
+ gnutls_bye(server_session, validation_failed ? GNUTLS_SHUT_WR
+ : GNUTLS_SHUT_RDWR);
 }
 if (client_session_started) {
 gnutls_bye(client_session, GNUTLS_SHUT_RDWR);
diff --git a/tests/client.c b/tests/client.c
index 5142910..41ddf5d 100644
--- a/tests/client.c
+++ b/tests/client.c
@@ -153,6 +153,11 @@ int main (int argc, char *argv[]) {
 gnutls_x509_crt_deinit(cert);
+ /* Send a bogus request to the server. Otherwise recent gnutls-serv won't
+ * terminate the connection when gnutls_bye() is used. */
+ gnutls_record_send(session, "GET / HTTP/1.0\r\n\r\n",
+ strlen("GET / HTTP/1.0\r\n\r\n"));
+ gnutls_bye(session, GNUTLS_SHUT_RDWR);
 fclose(fd_read);
 fclose(fd_write);
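Review bot: The result of the new `gnutls_bye(server_session, ...)` call in src/connection.c is still discarded, although the added comment says the GNUTLS_SHUT_RDWR path matters for not losing data. gnutls_bye() can return GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, in which case the close_notify may not have been sent; consider `ret = gnutls_bye(server_session, how);` followed by `if (ret != GNUTLS_E_SUCCESS) { /* log gnutls_strerror(ret) */ }`, with `how` computed on the line before. The comment could also record the reason that holds outside the test-suite, for example `/* After a failed validation do not wait for a close_notify from a peer we refused to trust. */`. `validation_failed` and the jumps to `out:` are outside the hunk, so it is worth confirming the flag is initialised on every path that reaches this cleanup.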
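Review bot: The return value of the added `gnutls_record_send()` in tests/client.c is ignored, so a failed send leaves the client in the situation the comment describes, waiting in `gnutls_bye(session, GNUTLS_SHUT_RDWR)`, instead of failing the test. Checking for a negative result would make that visible, e.g. `static const char req[] = "GET / HTTP/1.0\r\n\r\n";` and `if (gnutls_record_send(session, req, sizeof(req) - 1) < 0) return EXIT_FAILURE;`, which also avoids writing the literal twice. The `<string.h>` include that `strlen` needs is not visible in this hunk, and main's body starts and ends outside it.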