I have a server kernel-mode driver accepting Schannel (TLS 1.0) connections upon request from clients. I use “Schannel” as the security package when setting the Credentials for use in AcceptSecurityContext to create the connection. All works fine & decrypts input & encrypts output to the connected client.
My problem occurs when I want to terminate the connection: the driver detects the client's shutdown request & attempts to shut down its security context and generate the reverse shutdown notification to send back to the client.
I pass the SCHANNEL_SHUTDOWN control token to the ApplyControlToken function to add the shutdown request to the security context & then call the AcceptSecurityContext function, passing in empty buffers, & get the response SEC_E_INTERNAL_ERROR.
The SDK specifically states that ApplyControlToken is not supported in kernel mode & will return SEC_E_UNSUPPORTED_FUNCTION if attempted. However, it returns SEC_E_OK.
Is there some other way of modifying the security context to request shutdown?
How do I gracefully terminate a kernel-mode Schannel connection?
regards
John