AsioTlsStream: add GracefulDisconnect() and ForceDisconnect()

Calling `AsioTlsStream::async_shutdown()` performs a TLS shutdown which
exchanges messages (that's why it takes a `yield_context`) and thus has the
potential to block the coroutine. Therefore, it should be protected with a
timeout. As `async_shutdown()` doesn't simply take a timeout, this has to be
implemented using a timer. So far, these timers are scattered throughout the
codebase with some places missing them entirely. This commit adds helper
functions to properly shutdown a TLS connection with a single function call.

Author: julianbrost

lib/base/tlsstream.cpp

@@ -7,6 +7,7 @@
 #include "base/logger.hpp"
 #include "base/configuration.hpp"
 #include "base/convert.hpp"
+#include "base/io-engine.hpp"
 #include <boost/asio/ssl/context.hpp>
 #include <boost/asio/ssl/verify_context.hpp>
 #include <boost/asio/ssl/verify_mode.hpp>
@@ -103,3 +104,45 @@ void UnbufferedAsioTlsStream::BeforeHandshake(handshake_type type)
 	}
 #endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
 }
+
+/**
+ * Forcefully close the connection, typically (details are up to the operating system) using a TCP RST.
+ */
+void AsioTlsStream::ForceDisconnect()
+{
+	boost::system::error_code ec;
+
+	// Close the socket. In case the connection wasn't shut down cleanly by GracefulDisconnect(), the operating system
+	// will typically terminate the connection with a TCP RST. Otherwise, this just releases the file descriptor.
+	lowest_layer().close(ec);
+}
+
+/**
+ * Try to cleanly shut down the connection. This involves sending a TLS close_notify shutdown alert and terminating the
+ * underlying TCP connection. Sending these additional messages can block, hence the method takes a yield context and
+ * internally implements a timeout of 10 seconds for the operation after which the connection is forcefully terminated
+ * using ForceDisconnect().
+ *
+ * @param strand Asio strand used for other operations on this connection.
+ * @param yc Yield context for Asio coroutines
+ */
+void AsioTlsStream::GracefulDisconnect(boost::asio::io_context::strand strand, boost::asio::yield_context yc)
+{
+	boost::system::error_code ec;
+
+	Timeout::Ptr shutdownTimeout(new Timeout(strand.context(), strand, boost::posix_time::seconds(10),
+		[this, keepAlive = AsioTlsStream::Ptr(this)](boost::asio::yield_context yc) {
+			// Forcefully terminate the connection if async_shutdown() blocked more than 10 seconds.
+			ForceDisconnect();
+		}
+	));
+	// Close the TLS connection, effectively uses SSL_shutdown() to send a close_notify shutdown alert to the peer.
+	next_layer().async_shutdown(yc[ec]);
+	shutdownTimeout->Cancel();
+
+	// Shut down the TCP connection.
+	lowest_layer().shutdown(lowest_layer_type::shutdown_both, ec);
+
+	// Clean up the connection (closes the file descriptor).
+	ForceDisconnect();
+}

lib/base/tlsstream.hpp

@@ -118,6 +118,9 @@ class AsioTlsStream : public SharedObject, public boost::asio::buffered_stream<U
 		return new AsioTlsStream(ioContext, sslContext, hostname);
 	}
 
+	void ForceDisconnect();
+	void GracefulDisconnect(boost::asio::io_context::strand strand, boost::asio::yield_context yc);
+
 private:
 	inline
 	AsioTlsStream(UnbufferedAsioTlsStreamParams init)