crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed #45709

@ameshkov

Consider the following code:

	conn, _ := tls.Dial("tcp", "8.8.8.8:443", &tls.Config{ServerName: "dns.google"})
	_, _ = conn.Write([]byte("GET / HTTP/1.1\r\nHost: dns.google\r\nConnection: close\r\n\r\n"))
	_, _ = ioutil.ReadAll(conn)
	_ = conn.Close()

The problem with the way tls.Conn works in the current Golang version is that this code will guarantee that the underlying connection won't be closed gracefully, and every time it'll cause RST packets to be sent from the remote endpoint.

Is it feasible to extend tls.Conn to take the underlying connection status into account? For instance, look for io.EOF when it reads from it?
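
An application-side sketch of the idea asked about above, added here as an example; it is not part of the original issue and not crypto/tls code. The names `eofConn`, `closeTLS` and `pipeDemo` are hypothetical, and it assumes the RST is elicited by the close_notify written after the peer has already closed the transport.

```go
package main

import (
	"crypto/tls"
	"errors"
	"fmt"
	"io"
	"net"
	"sync/atomic"
)

// eofConn wraps the transport handed to tls.Client and records whether the
// peer has already closed its side (a Read returned io.EOF).
type eofConn struct {
	net.Conn
	peerClosed atomic.Bool
}

func (c *eofConn) Read(p []byte) (int, error) {
	n, err := c.Conn.Read(p)
	if errors.Is(err, io.EOF) {
		c.peerClosed.Store(true)
	}
	return n, err
}

// closeTLS (hypothetical helper) closes the transport directly when the peer
// is already gone, so no close_notify is written; otherwise a normal TLS close.
func closeTLS(tc *tls.Conn, raw *eofConn) error {
	if raw.peerClosed.Load() {
		return raw.Close()
	}
	return tc.Close()
}

// pipeDemo exercises the wrapper offline over net.Pipe (constructed input, no
// handshake): the peer closes first, the client reads to EOF, then closes.
func pipeDemo() (bool, error) {
	client, server := net.Pipe()
	raw := &eofConn{Conn: client}
	tc := tls.Client(raw, &tls.Config{ServerName: "example.test"})
	server.Close()
	if _, err := io.ReadAll(raw); err != nil {
		return false, err
	}
	return raw.peerClosed.Load(), closeTLS(tc, raw)
}

func main() { fmt.Println(pipeDemo()) }
```

With a real connection the reads go through the `tls.Conn`, which in turn reads from the wrapper, so the flag is set when `ioutil.ReadAll(conn)` drains the stream.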

Labels: NeedsInvestigation (Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.)