In the stop_SSL function, errors occurring during the Net::SSLeay::shutdown call are only dealt with if the socket was configured as non-blocking.
For sockets configured in blocking mode, SSL shutdown errors are silently ignored, which has two drawbacks:
such errors aren't stored in _SSL_last_err and aren't retrievable with errstr()
the SSL error queue isn't cleared (no Net::SSLeay::ERR_get_error() call loop, no call to Net::SSLeay::ERR_clear_error()). It means these errors can leak to other unrelated places where the SSL error queue is checked. For example in my case it lead to SSL connections being wrongfully closed when a shutdown fails on an unrelated SSL socket in blocking mode.
In the
stop_SSL
function, errors occurring during theNet::SSLeay::shutdown
call are only dealt with if the socket was configured as non-blocking.For sockets configured in blocking mode, SSL shutdown errors are silently ignored, which has two drawbacks:
_SSL_last_err
and aren't retrievable witherrstr()
Net::SSLeay::ERR_get_error()
call loop, no call toNet::SSLeay::ERR_clear_error()
). It means these errors can leak to other unrelated places where the SSL error queue is checked. For example in my case it lead to SSL connections being wrongfully closed when a shutdown fails on an unrelated SSL socket in blocking mode.