Open naryl opened 1 day ago
Removing close-socket
makes it work properly but the server now (as expected) waits for the client to close the connection.
Relevant docs: https://docs.openssl.org/master/man3/SSL_shutdown/#shutdown-lifecycle https://docs.openssl.org/master/man3/SSL_shutdown/#fast-shutdown
But seems like cl-async
just does fast shutdown which shouldn't be a problem for clients: https://github.com/orthecreedence/cl-async/blob/289aac99a701341e487cd548cd65b4c01271a739/src/ssl/tcp.lisp#L55
gnutls-cli localhost:443 --tofu --crlf
and send a line of data.Expected: The server replies with "THIS IS A SECURE LINE!", terminates the TLS connection, then closes the socket. Actual: The server replies with "THIS IS A SECURE LINE!" and closes the socket without terminating the TLS connection. This is the error returned by
gnutls-cli
:Using
#'as-ssl::close-streamish
instead ofas::close-socket
has exactly the same observable result.