search

pallets / werkzeug

The comprehensive WSGI web application library.
https://werkzeug.palletsprojects.com
BSD 3-Clause "New" or "Revised" License
6.67k stars 1.73k forks source link

TLS connection not properly closed #2868

Closed phoebusm closed 8 months ago

phoebusm commented 8 months ago

I am testing moto with werkzeug for some S3 connection test. The client uses libcurl as the backend. During the test, I encountered error OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal because this is a curl debug build) which in https://github.com/curl/curl/blob/fd1260d492f9fb4d16c5abd22a58de959f49dcf8/lib/vtls/openssl.c#L4759, suggests close_notify was not sent before the end of the session. I have found some discussion online regarding this matter and it suggests close_notify should be sent.

werkzeug.run_simple(
            "0.0.0.0",
            port,
            _HostDispatcherApplication(create_backend_app, service="s3"),
            threaded=True,
            ssl_context=(cert_file, key_file) if cert_file and key_file else None,
        )

close_notify sent at the end of the session

Environment:

davidism commented 8 months ago

Werkzeug is a basic wrapper around Python's built-in http.server, you'll want to report that to them with a minimal reproducible example.