X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_socket.c;h=2f3e90bbf97a2eb07bb6d9ea6ac3ac2131243481;hp=3bdb587395019ecca00e4560ea21853c60ebf448;hb=bac6abe18d28373e0d2d0666c411020404197337;hpb=180794c54e98ae467c4ebced3737e1ede03e320a

diff --git a/apps/s_socket.c b/apps/s_socket.c
index 3bdb587395..2f3e90bbf9 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -221,6 +221,23 @@ int do_server(int *accept_sock, const char *host, const char *port,
                 break;
             }
             i = (*cb)(sock, type, protocol, context);
+            /*
+             * If we ended with an alert being sent, but still with data in the
+             * network buffer to be read, then calling BIO_closesocket() will
+             * result in a TCP-RST being sent. On some platforms (notably
+             * Windows) then this will result in the peer immediately abandoning
+             * the connection including any buffered alert data before it has
+             * had a chance to be read. Shutting down the sending side first,
+             * and then closing the socket sends TCP-FIN first followed by
+             * TCP-RST. This seems to allow the peer to read the alert data.
+             */
+#ifdef _WIN32
+# ifdef SD_SEND
+            shutdown(sock, SD_SEND);
+# endif
+#elif defined(SHUT_WR)
+            shutdown(sock, SHUT_WR);
+#endif
             BIO_closesocket(sock);
         } else {
             i = (*cb)(asock, type, protocol, context);