[
https://issues.apache.org/jira/browse/HTTPCORE-444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15849815#comment-15849815
]
Isaac Cruz Ballesteros commented on HTTPCORE-444:
-------------------------------------------------
Oleg,
Thanks for your response, from this page:
http://security.stackexchange.com/questions/82028/ssl-tls-is-a-server-always-required-to-respond-to-a-close-notify,
in particular in the second answer: _When the application protocol that goes
within the SSL/TLS tunnel is self-terminated, the close_notify is redundant,
and can be dispensed with. Which is exactly what happens in modern HTTPS_.
While I don't have a strong opinion on that, I have tested using
HttpsUrlConnection from JDK and the connection is not closed until I call
urlConnection.disconnect() (and thus closed by the client), which is not the
case when using HTTP where the connection is closed immediately. This is also
the case with a C client using libcurl.
So I understand that the behavior of httpcore is 100% correct, but it seems the
HTTPS clients I tried do not implement that close-notify, meaning that
connections are left open until there's a timeout in either client or server.
Isaac
> When using HTTPS server with NoConnectionReuseStrategy, connections are not
> closed
> ----------------------------------------------------------------------------------
>
> Key: HTTPCORE-444
> URL: https://issues.apache.org/jira/browse/HTTPCORE-444
> Project: HttpComponents HttpCore
> Issue Type: Bug
> Components: HttpCore NIO
> Affects Versions: 4.4.6
> Reporter: Isaac Cruz Ballesteros
> Priority: Minor
>
> I have a HTTPS server using NIO, and configured with
> NoConnectionReuseStrategy so that connections are immediately closed after
> download. I'm extending AbstractHttpEntity and implementing
> HttpAsyncContentProducer to produce the content which will be sent in
> response to a GET. When all the content has been written in produceContent(),
> I call encoder.complete(). Basically a basic HTTPS server handling file
> downloads.
> When using plain HTTP, after all data has been sent,
> ConnectionReuseStrategy,keepAlive() gets called, it returns false and the
> connection is closed immediately from the server.
> But when using HTTPS, keepAlive() is called but it does not close the
> connection. I have been following the code from that point, setting a
> breakpoint in keepAlive(), and I have the impression that a new handshake is
> initiated (not 100% sure of this), sending some extra data which causes the
> client to send a RST instead of a FIN when closing connection.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
