Source code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to tech@openbsd.org, instead of submitting pull requests, since this tree is often rebased.
I noticed that tls_read, tls_write and tls_connect were non-blocking friendly, but tls_close was not yet
This implementation appears to be correct based on my reading of SSL_shutdown(3) (though I'm not familiar with OpenSSL's warts, so I don't know that it's not actually more complicated than this), specifically:
return of 0 means our end of the shutdown is successfully completed, but we should call SSL_shutdown again to wait for the remote end's to complete
return of 1 means bidirectional shutdown has completed successfully
return of -1 means either an error occurred, or that the request would block; check the result of SSL_get_error
I guess one could wrap the SSL_shutdown calls in a loop instead, like
do { ssl_ret = SSL_shutdown(...); } while (ssl_ret == 0);
but I don't think that's correct. To my reading, SSL_shutdown will only return 0 once, and the next call will either complete the shutdown or fail.
I noticed that tls_read, tls_write and tls_connect were non-blocking friendly, but tls_close was not yet
This implementation appears to be correct based on my reading of SSL_shutdown(3) (though I'm not familiar with OpenSSL's warts, so I don't know that it's not actually more complicated than this), specifically:
I guess one could wrap the SSL_shutdown calls in a loop instead, like
do { ssl_ret = SSL_shutdown(...); } while (ssl_ret == 0);
but I don't think that's correct. To my reading, SSL_shutdown will only return 0 once, and the next call will either complete the shutdown or fail.