[Boost-bugs] [Boost C++ Libraries] #11227: Support for unidirectional shutdown in ssl::stream

From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2015-04-23 14:37:54


#11227: Support for unidirectional shutdown in ssl::stream
-------------------------------------+-------------------------------------
 Reporter:  Oleg Andriyanov          |       Type:  Feature Requests
            (o.andriyanov@…          |  Milestone:  To Be Determined
   Status:  new                      |    Version:  Boost 1.57.0
Component:  None                     |   Keywords:  ssl, SSL_shutdown,
 Severity:  Not Applicable           |              async_shutdown
-------------------------------------+-------------------------------------
 In version 1.57 there is no possibility of sending a "close notify" shutdown
 alert to the peer without waiting for the peer's response.

 The motivation for such a feature is that some applications won't send their
 "close notify" response. In particular, Internet Explorer 11 apparently
 does not send its "close notify" response to the server which called
 boost::asio::ssl::stream::async_shutdown when the server's SSL certificate is
 considered untrusted. As a consequence, the callback for async_shutdown is
 never called, and the web server cannot shut down the connection gracefully.

 Citing OpenSSL documentation:
 "According to the TLS standard, it is acceptable for an application to
 only send its shutdown alert and then close the underlying connection
 without waiting for the peer's response"...

 Taking this into account, it would be really helpful for me to have an
 option in the async_shutdown method which would specify the type of SSL
 shutdown (unidirectional or bidirectional).

-- 
Ticket URL: <https://svn.boost.org/trac/boost/ticket/11227>
Boost C++ Libraries <http://www.boost.org/>
Boost provides free peer-reviewed portable C++ source libraries.
