Mercurial > hg > freeDiameter

changeset 251:52c1547dab42

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Call gnutls_bye on closing connection
author Sebastien Decugis <sdecugis@nict.go.jp>
date Fri, 02 Apr 2010 17:12:47 +0900
parents 07624e65c7e0
children 433ef00ac049
files freeDiameter/cnxctx.c
diffstat 1 files changed, 5 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/freeDiameter/cnxctx.c	Fri Apr 02 16:37:40 2010 +0900
+++ b/freeDiameter/cnxctx.c	Fri Apr 02 17:12:47 2010 +0900
@@ -822,6 +822,10 @@
 					TRACE_DEBUG(INFO, "This GNU TLS error is not handled, assume unrecoverable error");
 			}
 		} );
+		
+	if (ret == 0)
+		CHECK_GNUTLS_DO( gnutls_bye(session, GNUTLS_SHUT_RDWR),  );
+	
 end:	
 	if (ret <= 0)
 		fd_cnx_markerror(conn);
@@ -1070,7 +1074,7 @@
 		if (TRACE_BOOL(INFO)) {
 			fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :\n", conn->cc_socket, conn->cc_remid, conn->cc_id);
 			if (ret & GNUTLS_CERT_INVALID)
-				fd_log_debug(" - The certificate is not trusted (unknown CA?)\n");
+				fd_log_debug(" - The certificate is not trusted (unknown CA? expired?)\n");
 			if (ret & GNUTLS_CERT_REVOKED)
 				fd_log_debug(" - The certificate has been revoked.\n");
 			if (ret & GNUTLS_CERT_SIGNER_NOT_FOUND)
"Welcome to our mercurial repository"