crypto/tls: safely shutdown #29462
$ go version
go version go1.11.2 linux/amd64
Does this issue reproduce with the latest release?
Safely and reliably shutting down an SSL transport while keeping the underlying connection still open is not supported by the API in an intuitive way. I have posted this question on Stack Overflow here: https://stackoverflow.com/questions/53825725/how-to-safely-shutdown-ssl-connection
But to repeat the question:
Using Go, how can a tls.Conn be safely shut down without entirely closing the underlying connection? I have a working solution, but I am not sure if there is a better way.
In my application I have a non-SSL connection that is eventually 'upgraded' to an SSL connection. Then at some point the SSL connection should be closed cleanly, and the connection should return to the non-SSL version (where unencrypted traffic can be sent between the two parties).
This works because if a closeNotify alert record is received then
This is a bit confusing from a user's point of view. It would be preferable to have an API like
Or maybe there is a better way to cleanly shut down, but that is for the library writers to decide.
I realize it is a bit strange to want to shut down an SSL transport and continue to use the underlying connection, but that is the constraint I am working under.
If it is helpful I can provide a small working example.
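
One way to get the behaviour asked for above with the existing API, as an added example that is not part of the original report or of crypto/tls: each side sends close_notify with tls.Conn.CloseWrite, reads until io.EOF, and then talks plaintext on the underlying connection. The demo function, the "demo.test" certificate, the in-memory net.Pipe and the message strings are assumptions made for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// demo upgrades a pipe to TLS, exchanges close_notify, then reuses the pipe for plaintext.
func demo() (overTLS, inClear string, err error) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed throwaway key/cert
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"demo.test"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	cRaw, sRaw := net.Pipe()
	go func() { // client; a failure here surfaces as a server-side read error
		defer cRaw.Close()
		c := tls.Client(cRaw, &tls.Config{RootCAs: pool, ServerName: "demo.test"})
		c.Write([]byte("over tls"))
		c.CloseWrite()                     // sends close_notify, cRaw stays open
		io.ReadAll(c)                      // returns once the server's close_notify arrives
		cRaw.SetWriteDeadline(time.Time{}) // CloseWrite left an expired write deadline on cRaw
		cRaw.Write([]byte("in the clear"))
	}()
	// TLS 1.2 cap: what the Go 1.11 in the report speaks; keeps net.Pipe lock-step.
	s := tls.Server(sRaw, &tls.Config{MaxVersion: tls.VersionTLS12,
		Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}})
	data, err := io.ReadAll(s) // ends cleanly when the client's close_notify arrives
	if err != nil {
		return "", "", err
	}
	if err = s.CloseWrite(); err != nil { // answer with our own close_notify
		return "", "", err
	}
	buf := make([]byte, 64)
	n, err := sRaw.Read(buf) // plaintext, read from the underlying connection
	return string(data), string(buf[:n]), err
}

func main() { fmt.Println(demo()) }
```

On a real socket the same ordering matters: neither side should send plaintext until it has read the peer's close_notify, because tls.Conn can buffer bytes it read past the alert.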