[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] tcp-shutdown
|
From: |
Seth Alves |
|
Subject: |
Re: [Chicken-hackers] tcp-shutdown |
|
Date: |
Thu, 26 Jul 2012 11:17:14 -0700 |
Maybe the library changed at some point? The docs say this:
http://www.openssl.org/docs/ssl/SSL_shutdown.html
When the application is the first party to
send the "close notify" alert,
SSL_shutdown() will only send the alert and
then set the SSL_SENT_SHUTDOWN flag (so that
the session is considered good and will be
kept in cache). SSL_shutdown() will then
return with 0.
...
In order to complete the bidirectional
shutdown handshake, SSL_shutdown() must be
called again. The second call will make
SSL_shutdown() wait for the peer's "close
notify" shutdown alert. On success, the
second call to SSL_shutdown() will return
with 1.
Here's the C version of the scheme code I'm trying to write:
http://headache.hungry.com/~seth/junk/openssl-shutdown-test.tar.gz
and it... doesn't exactly do what the docs describe on either my osx box or my
linux box. Anyway, try that with the do_shutdown_after_write set to 0 and 1.
When it's 0, the program takes a while to finish (I think google's server is
waiting on keep-alive traffic and eventually times-out). When it's 1, the
server sends an eof.
On Thu, Jul 26, 2012 at 8:43 AM, Thomas Chust <address@hidden> wrote:
> Seth Alves wrote:
>> [...]
>> Search for "TCP uses a FIN segment" in
>>
>> http://www.linuxjournal.com/node/4822/print
>>
>> and see
>>
>> http://www.openssl.org/docs/ssl/SSL_shutdown.html#
>>
>> So it seems like what I want should be possible.
>> [...]
>
> Hello Seth,
>
> SSL_shutdown closes the connection in both directions. A call to this
> function is already triggered by the OpenSSL egg after you have closed
> both the input and output ports of an SSL connection.
>
> Ciao,
> Thomas
>
>
> --
> When C++ is your hammer, every problem looks like your thumb.