Don't unconditionally shut down the SslStream

OpenSSL doesn't like applications to call SSL_Shutdown on a connection
which either hasn't finished the handshake or has fatal errors. This
commit only addresses the first case.

When using tokio_openssl::SslStream in hyper, and (a)waiting on the conn
returned by for instance hyper::client::conn::http1::handshake(stream)
it returns  "error shutting down connection" with the nested cause
"shutdown while in init" errors if the SSL handshake fails.

This error might not fatal, but it is confusing, and makes it harder
find the actual error one is looking for.

Author: oscarh

src/lib.rs

@@ -269,7 +269,17 @@ where
     }
 
     fn poll_shutdown(mut self: Pin<&mut Self>, ctx: &mut Context) -> Poll<io::Result<()>> {
-        match self.as_mut().with_context(ctx, |s| s.shutdown()) {
+        let maybe_shutdown = |s: &mut openssl::ssl::SslStream<_>| {
+            if s.ssl().is_init_finished() {
+                s.shutdown()
+            } else {
+                // I would really like to return an error with ErrorCode::ZERO_RETURN here,
+                // but there aren't any public methods to create openssl::error::Error
+                Ok(ShutdownResult::Received)
+            }
+        };
+
+        match self.as_mut().with_context(ctx, maybe_shutdown) {
             Ok(ShutdownResult::Sent) | Ok(ShutdownResult::Received) => {}
             Err(ref e) if e.code() == ErrorCode::ZERO_RETURN => {}
             Err(ref e) if e.code() == ErrorCode::WANT_READ || e.code() == ErrorCode::WANT_WRITE => {