[ https://issues.apache.org/jira/browse/HTTPCORE-444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15849815#comment-15849815 ]
Isaac Cruz Ballesteros commented on HTTPCORE-444: ------------------------------------------------- Oleg, Thanks for your response, from this page: http://security.stackexchange.com/questions/82028/ssl-tls-is-a-server-always-required-to-respond-to-a-close-notify, in particular in the second answer: _When the application protocol that goes within the SSL/TLS tunnel is self-terminated, the close_notify is redundant, and can be dispensed with. Which is exactly what happens in modern HTTPS_. While I don't have a strong opinion on that, I have tested using HttpsUrlConnection from JDK and the connection is not closed until I call urlConnection.disconnect() (and thus closed by the client), which is not the case when using HTTP where the connection is closed immediately. This is also the case with a C client using libcurl. So I understand that the behavior of httpcore is 100% correct, but it seems the HTTPS clients I tried do not implement that close-notify, meaning that connections are left open until there's a timeout in either client or server. Isaac > When using HTTPS server with NoConnectionReuseStrategy, connections are not > closed > ---------------------------------------------------------------------------------- > > Key: HTTPCORE-444 > URL: https://issues.apache.org/jira/browse/HTTPCORE-444 > Project: HttpComponents HttpCore > Issue Type: Bug > Components: HttpCore NIO > Affects Versions: 4.4.6 > Reporter: Isaac Cruz Ballesteros > Priority: Minor > > I have a HTTPS server using NIO, and configured with > NoConnectionReuseStrategy so that connections are immediately closed after > download. I'm extending AbstractHttpEntity and implementing > HttpAsyncContentProducer to produce the content which will be sent in > response to a GET. When all the content has been written in produceContent(), > I call encoder.complete(). Basically a basic HTTPS server handling file > downloads. > When using plain HTTP, after all data has been sent, > ConnectionReuseStrategy,keepAlive() gets called, it returns false and the > connection is closed immediately from the server. > But when using HTTPS, keepAlive() is called but it does not close the > connection. I have been following the code from that point, setting a > breakpoint in keepAlive(), and I have the impression that a new handshake is > initiated (not 100% sure of this), sending some extra data which causes the > client to send a RST instead of a FIN when closing connection. -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org