crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

ameshkov · 2021-04-22T18:35:08Z

Consider the following code:

	conn, _ := tls.Dial("tcp", "8.8.8.8:443", &tls.Config{ServerName: "dns.google"})
	_, _ = conn.Write([]byte("GET / HTTP/1.1\r\nHost: dns.google\r\nConnection: close\r\n\r\n"))
	_, _ = ioutil.ReadAll(conn)
	_ = conn.Close()

The problem with the way tls.Conn works in the current Golang version is that this code will guarantee that the underlying connection won't be closed gracefully and every time it'll cause RST packets sent from the remote endpoint.

Is it feasible to extend tls.Conn to take the underlying connection status into account? For instance, look for io.EOF when it reads from it?

The text was updated successfully, but these errors were encountered:

cherrymui · 2021-04-26T17:15:32Z

cc @FiloSottile

networkimprov · 2021-05-16T04:34:36Z

cc @bradfitz @ianlancetaylor

cherrymui added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Apr 26, 2021

cherrymui added this to the Backlog milestone Apr 26, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

ameshkov commented Apr 22, 2021

cherrymui commented Apr 26, 2021

networkimprov commented May 16, 2021

crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

Comments

ameshkov commented Apr 22, 2021

cherrymui commented Apr 26, 2021

networkimprov commented May 16, 2021