TLS Fixes (#6)

- Fixed TLS Socket destructor hanging if peer doesnt respond
- Fixed Tls Socket move CTOR freeing the TlsContext unexpectedly

Author: f-michaut

.gitignore

@@ -5,6 +5,7 @@ compile_commands.json
 
 *.tmp
 *.gch
+*.pch
 vgcore.*
 
 .vscode/

include/CppSockets/Tls/Context.hpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Wed Aug 20 14:13:44 2025 Francois Michaut
-** Last update Thu Aug 21 14:14:45 2025 Francois Michaut
+** Last update Fri Aug 22 21:43:02 2025 Francois Michaut
 **
 ** Context.hpp : Context for TLS sockets
 */
@@ -23,9 +23,9 @@ namespace CppSockets {
             TlsContext(SSL_CTX *ptr, bool own = true);
 
             TlsContext(const TlsContext &other) { *this = other; }
-            TlsContext(TlsContext &&other) noexcept = default;
+            TlsContext(TlsContext &&other) noexcept;
             auto operator=(const TlsContext &other) -> TlsContext &;
-            auto operator=(TlsContext &&other) noexcept -> TlsContext & = default;
+            auto operator=(TlsContext &&other) noexcept -> TlsContext &;
 
             ~TlsContext();
 

include/CppSockets/Tls/Socket.hpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Wed Sep 14 20:51:23 2022 Francois Michaut
-** Last update Wed Aug 20 23:11:28 2025 Francois Michaut
+** Last update Fri Aug 22 21:55:50 2025 Francois Michaut
 **
 ** SecureSocket.hpp : TLS socket wrapper using openssl
 */
@@ -34,6 +34,8 @@ namespace CppSockets {
             auto operator=(const TlsSocket &other) -> TlsSocket & = delete;
             auto operator=(TlsSocket &&other) noexcept -> TlsSocket &;
 
+            void close();
+
             auto read(std::size_t len = -1) -> std::string;
             auto read(char *buff, std::size_t size) -> std::size_t;
             auto write(std::string_view buff) -> std::size_t { return this->write(buff.data(), buff.size()); };

private/CppSockets/SslMacros.hpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Wed Aug 20 16:54:02 2025 Francois Michaut
-** Last update Wed Aug 20 18:59:18 2025 Francois Michaut
+** Last update Fri Aug 22 21:46:55 2025 Francois Michaut
 **
 ** SslMacros.hpp : Private Macros to define SSL wrappers
 */
@@ -22,7 +22,7 @@
     type *dup = type##_dup(other.m_ptr.get());                                                      \
                                                                                                     \
     if (dup == nullptr) {                                                                           \
-        throw std::runtime_error("Failed to dup ##type##");                                         \
+        throw std::runtime_error("Failed to dup " #type);                                          \
     }                                                                                               \
     if (!this->m_own) {                                                                             \
         (void)this->m_ptr.release();                                                                \

source/Tls/Context.cpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Wed Aug 20 14:40:41 2025 Francois Michaut
-** Last update Wed Aug 20 18:58:53 2025 Francois Michaut
+** Last update Fri Aug 22 21:46:12 2025 Francois Michaut
 **
 ** Context.cpp : Implementation of the Context for TLS sockets
 */
@@ -63,10 +63,22 @@ namespace CppSockets {
         TLS_CONTEXT_CONSTRUCTOR_BODY;
     }
 
+    TlsContext::TlsContext(TlsContext &&other) noexcept {
+        *this = other;
+    }
+
     auto TlsContext::operator=(const TlsContext &other) -> TlsContext & {
         UP_REF_ASSIGNMENT_OPERATOR(SSL_CTX)
     }
 
+    auto TlsContext::operator=(TlsContext &&other) noexcept -> TlsContext & {
+        std::swap(m_ptr, other.m_ptr);
+        std::swap(m_own, other.m_own);
+
+        m_verify_callback = std::move(other.m_verify_callback);
+        return *this;
+    }
+
     MAKE_DESTRUCTOR(TlsContext)
 
     void TlsContext::set_min_proto_version(int version) {

source/Tls/Socket.cpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Wed Sep 14 21:04:42 2022 Francois Michaut
-** Last update Wed Aug 20 23:12:24 2025 Francois Michaut
+** Last update Fri Aug 22 21:57:23 2025 Francois Michaut
 **
 ** SecureSocket.cpp : TLS socket wrapper implementation
 */
@@ -77,36 +77,45 @@ namespace CppSockets {
 
     TlsSocket::~TlsSocket() noexcept {
         if (m_ssl && this->connected()) {
-            int ret = SSL_shutdown(m_ssl.get()); // TODO: log failure
-
-            if (ret == 0) {
-                try {
-                    while (this->connected()) {
-                        this->read();
-                    }
-                } catch (std::runtime_error &e) {
-                    // TODO: What ?
-                }
-                SSL_shutdown(m_ssl.get()); // TODO: log failure
-            }
+            // TODO: Better shutdown mecanics
+            int ret = SSL_shutdown(m_ssl.get());
+
+            // if (ret == 1) {
+            //     // Peer also closed -> We can leave.
+            // } else if (ret == 0) {
+            //     // Peer didn't send, but we can't wait in the Destructor
+            // } else {
+            //     // TODO: log failure
+            // }
         }
     }
 
-    TlsSocket::TlsSocket(TlsSocket &&other) noexcept :
-        Socket(std::move(other)), m_ctx(std::move(other.m_ctx)),
-        m_ssl(std::move(other.m_ssl)), m_peer_cert(std::move(other.m_peer_cert))
-    {}
+    TlsSocket::TlsSocket(TlsSocket &&other) noexcept {
+        *this = std::move(other);
+    }
 
     auto TlsSocket::operator=(TlsSocket &&other) noexcept -> TlsSocket & {
-        std::swap(m_ssl, other.m_ssl);
-
+        m_ssl = std::move(other.m_ssl);
         m_ctx = std::move(other.m_ctx);
         m_peer_cert = std::move(other.m_peer_cert);
 
         Socket::operator=(std::move(other));
         return *this;
     }
 
+    void TlsSocket::close() {
+        int ret = SSL_shutdown(m_ssl.get());
+
+        if (ret == 1) {
+            return Socket::close();
+        }
+        // if (ret == 0) {
+        //     // TODO: wait for peer
+        // } else {
+        //     // TODO: Log failure
+        // }
+    }
+
     void TlsSocket::set_verify(int mode, SSL_verify_cb verify_callback) {
         // TODO: While setting it on the CTX makes sense imo (since accepted sockets will inherit this), an application
         // might not want that behavior. Need to provide alertnate ways to set verify on CTX vs SSL

tests/CMakeLists.txt

@@ -4,14 +4,16 @@
 ## Author Francois Michaut
 ##
 ## Started on  Mon Feb 14 19:35:41 2022 Francois Michaut
-## Last update Sat Aug  2 18:06:42 2025 Francois Michaut
+## Last update Fri Aug 22 21:12:37 2025 Francois Michaut
 ##
 ## CMakeLists.txt : CMake building and running tests for CppSockets
 ##
 
 include(CTest)
 
 create_test_sourcelist(TestFiles test_driver.cpp
+  Tls/TestContext.cpp
+
   TestSockets.cpp
 )
 

tests/TestSockets.cpp

@@ -4,7 +4,7 @@
 ** Author Francois Michaut
 **
 ** Started on  Mon Feb 14 21:17:55 2022 Francois Michaut
-** Last update Tue Aug  5 11:11:27 2025 Francois Michaut
+** Last update Fri Aug 22 21:11:25 2025 Francois Michaut
 **
 ** TestSockets.cpp : Socket tests
 */
@@ -23,7 +23,7 @@
 
 using namespace CppSockets;
 
-int TestSockets(int /* ac */, char ** const /* av */)
+auto TestSockets(int /* ac */, char ** const /* av */) -> int
 {
 #ifdef OS_WINDOWS
     // TODO

tests/Tls/TestContext.cpp

@@ -0,0 +1,36 @@
+/*
+** Project FileShare-Tests, 2025
+**
+** Author Francois Michaut
+**
+** Started on  Fri Aug 22 21:09:12 2025 Francois Michaut
+** Last update Fri Aug 22 21:36:06 2025 Francois Michaut
+**
+** TestContext.cpp : TlsContext tests
+*/
+
+#include "CppSockets/Tls/Context.hpp"
+#include "CppSockets/Tls/Socket.hpp"
+
+void TestConfigCopyCtor() {
+    CppSockets::TlsContext ctx;
+    CppSockets::TlsSocket soc;
+
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+    soc = CppSockets::TlsSocket(AF_INET, SOCK_STREAM, 0, ctx);
+}
+
+auto Tls_TestContext(int /* ac */, char ** const /* av */) -> int
+{
+    TestConfigCopyCtor();
+    return 0;
+}