On Fri, May 21, 1999 at 01:00:02PM +0200, Bodo Moeller wrote:
>> When I
>> understand you correctly, the problem can be those platforms where Apache
>> doesn't do the lingering close, right?
> Could be, yes. Netscape does not recognize the shutdown until the TCP
> connection is closed (i.e. a FIN arrives -- I think the actual
> close_notify is just ignored), and it checks for this only when it
> wants to reuse the open connection -- if IE behaves like that, but
> additionally tries to send its own close_notify when this happens,
> then it cannot work, because it will get a RST if the server has
> totally closesd the connection by then. So there's the I/O error.
I've done some tests now ... IE sends its request and ignores both the
server's shutdown *and* the TCP FIN (while Netscape finally gets the
idea of closing a connection when the FIN arrives). Finally the
server sends a RST, and IE prints its error message. And for the
record, the SSL/TLS server at www.microsoft.com does not send any
closure alerts at all -- after having sent its application data it
resets (!) the connection. So neither TLS nor TCP are handled
correctly by it. (At the HTTP port, it closes the connection
cleanly.) IE doesn't mind if the connection has disappeared by the
time it wants to launch its next request, but it complains if this
happens *after* the new request has been started.
This behaviour does not cause noticeable problems if the server resets
the connection before the browser starts its next request. But it
obviously cannot work reliably, only heuristically: The server cannot
know when the peer's TCP has delivered all data to the browser, and if
the RST arrives too early, it kills the active connection; similarly,
if the server's reset is sent concurrently with the brower's next
request, an error message is inevitable. Another example of Microsoft
quality :-)
I've also looked at a connection between a Netscape client and server:
At the end, the server sends its close_notify, then a FIN, and finally
a RST -- the latter probably helps to cope with IE browsers.
> What those browsers should do, of course, is select() for readability
> on all their open connections even while they are not used, so that
> they can detect a FIN and, in the SSL/TLS case, incoming alerts and
> the like at once.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
