Shutting Down an Schannel Connection

When a client or server is finished with a connection, it must shut it down. The other party, in turn, must recognize the shutdown and delete the connection.

To shut down an Schannel connection

  1. Call the ApplyControlToken function, specifying the SCHANNEL_SHUTDOWN control token.
  2. After receiving an SEC_E_OK return value from ApplyControlToken, call the InitializeSecurityContext (Schannel) (clients) or AcceptSecurityContext (Schannel) (servers) function, passing in empty buffers.
  3. Proceed as though your application were creating a new connection until the function returns SEC_I_CONTEXT_EXPIRED or SEC_E_OK to indicate that the connection is shut down.
  4. Send the final output information, if any, to the remote party.
  5. Call DeleteSecurityContext to free resources held by the connection.

Recognizing a Shutdown

The DecryptMessage (Schannel) function returns SEC_I_CONTEXT_EXPIRED when the message sender has shut down the connection. After receiving this return value, follow the procedure To shut down an Schannel connection, earlier in this topic.