Please run the test so that you'll see the problem.

2013/4/9 Antoine Pitrou <report@bugs.python.org>

>
> Antoine Pitrou added the comment:
>
> I don't think your patch is right:
>
> - calling unwrap() already shuts down the SSL layer; this is the right way
> to do it and is documented as such: "Performs the SSL shutdown handshake,
> which removes the TLS layer from the underlying socket, and returns the
> underlying socket object"
>
> - shutdown() right now isn't blocking; if you add a call to SSL shutdown,
> it can either block or fail with EAGAIN or similar, which is something
> people won't expect
>
> - close() should simply close the file descriptor, like on a regular
> socket (if you call socket.close(), it won't shutdown the TCP connection,
> especially if there's another file descriptor referencing the same
> connection)
>
> As for Modules/_ssl.c, the case where SSL_shutdown() returns 0 is already
> handled:
>
>         if (err == 0) {
>             /* Don't loop endlessly; instead preserve legacy
>                behaviour of trying SSL_shutdown() only twice.
>                This looks necessary for OpenSSL < 0.9.8m */
>             if (++zeros > 1)
>                 break;
>             /* Shutdown was sent, now try receiving */
>             self->shutdown_seen_zero = 1;
>             continue;
>         }
>
> ... so I don't think anything more is necessary.
>
> So I think things are fine right now and your patch shouldn't be applied.
>
> ----------
> nosy: +pitrou
> stage:  -> patch review
> versions:  -Python 2.6, Python 3.1, Python 3.2, Python 3.5
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue17672>
> _______________________________________
>