diff --git a/lib/modules/SSL.pmod/Constants.pmod b/lib/modules/SSL.pmod/Constants.pmod
index 18c8f427b6952073afcd4fa96ea11ec204b39c4e..4f63fc1c953c97a31c112db545ef897fdbfc796e 100644
--- a/lib/modules/SSL.pmod/Constants.pmod
+++ b/lib/modules/SSL.pmod/Constants.pmod
@@ -115,13 +115,28 @@ constant STATE_wait_for_finish = 3;
//! @[CONNECTION_handshaking].
enum ConnectionState {
CONNECTION_ready = 0x0000, //! Connection is ready for use.
+
+ // Handshaking.
CONNECTION_handshaking = 0x0100, //! Handshaking not done.
+
+ // Peer.
CONNECTION_peer_closed = 0x0001, //! Peer has closed the connection.
CONNECTION_peer_fatal = 0x0002, //! Peer has issued a fatal alert.
+
+ // Local.
CONNECTION_local_closed = 0x0010, //! Local close packet sent.
CONNECTION_local_fatal = 0x0020, //! Fatal alert sent.
CONNECTION_local_closing = 0x0040, //! Local close packet pending.
CONNECTION_local_failing = 0x0080, //! Fatal alert pending.
+
+ // Some composite values.
+ CONNECTION_closed = 0x0011, //! Closed at both ends.
+ CONNECTION_closing = 0x0051, //! Connection closing mask.
+
+ CONNECTION_peer_down = 0x000f, //! Peer mask.
+ CONNECTION_local_down = 0x00f0, //! Local mask.
+
+ CONNECTION_failing = 0x00a2, //! Connection failing mask.
};
/* Cipher specification */
diff --git a/lib/modules/SSL.pmod/sslfile.pike b/lib/modules/SSL.pmod/sslfile.pike
index ad021acc0cae7f9cdea45ab556277be26b0ac00c..49be58b82c7c7b96af6493780581c008f317127b 100644
--- a/lib/modules/SSL.pmod/sslfile.pike
+++ b/lib/modules/SSL.pmod/sslfile.pike
@@ -211,8 +211,7 @@ protected constant epipe_errnos = (<
#define SSL_INTERNAL_READING \
(SSL_HANDSHAKING || \
(close_state == CLEAN_CLOSE ? \
- ((conn->state & (CONNECTION_local_closed | CONNECTION_peer_closed)) == \
- CONNECTION_local_closed) : \
+ ((conn->state & CONNECTION_closed) == CONNECTION_local_closed) : \
close_packet_send_state == CLOSE_PACKET_MAYBE_IGNORED_WRITE_ERROR))
// Try to write when there's data in the write buffer or when we have
@@ -818,8 +817,7 @@ Stdio.File shutdown()
switch (close_state) {
case CLEAN_CLOSE:
- if ((conn_state & (CONNECTION_peer_closed|CONNECTION_local_closed)) ==
- (CONNECTION_peer_closed | CONNECTION_local_closed)) {
+ if ((conn_state & CONNECTION_closed) == CONNECTION_closed) {
SSL3_DEBUG_MSG ("SSL.sslfile->shutdown(): Clean close - "
"leaving stream\n");
local_errno = 0;
@@ -1598,24 +1596,18 @@ int is_open()
// essentially doing a peek and call ssl_read_callback directly,
// but that'd lead to subtle code duplication. (Also, peek is
// currently not implemented on NT.)
- ConnectionState closed = conn->state &
- (CONNECTION_local_closed | CONNECTION_peer_closed);
+ ConnectionState closed = conn->state & CONNECTION_closed;
if ((close_state == CLEAN_CLOSE ?
- closed != (CONNECTION_local_closed | CONNECTION_peer_closed) :
- !closed))
+ closed != CONNECTION_closed : !closed))
RUN_MAYBE_BLOCKING (
action && (close_state == CLEAN_CLOSE ?
- (conn->state &
- (CONNECTION_local_closed | CONNECTION_peer_closed)) !=
- (CONNECTION_local_closed | CONNECTION_peer_closed) :
- !(conn->state &
- (CONNECTION_local_closed | CONNECTION_peer_closed))),
+ (conn->state & CONNECTION_closed) != CONNECTION_closed :
+ !(conn->state & CONNECTION_closed)),
1, 1,
RETURN (!epipe_errnos[local_errno]));
- closed = conn->state &
- (CONNECTION_local_closed | CONNECTION_peer_closed);
+ closed = conn->state & CONNECTION_closed;
RETURN (conn && (close_state == CLEAN_CLOSE ?
- closed != (CONNECTION_local_closed | CONNECTION_peer_closed) && 2 : !closed));
+ (closed != CONNECTION_closed) && 2 : !closed));
}
} LEAVE;
return 0;
@@ -2200,7 +2192,7 @@ protected int ssl_write_callback (int called_from_real_backend)
if (int err = queue_write()) {
if (err > 0) {
#ifdef SSLFILE_DEBUG
- if (!(conn->state & (CONNECTION_local_closed|CONNECTION_peer_closed)) ||
+ if (!(conn->state & CONNECTION_closed) ||
close_packet_send_state < CLOSE_PACKET_QUEUED_OR_DONE)
error ("Expected a close to be sent or received\n");
#endif