Curl connection to s_server fails due to abrupt closure by s_server

[Hussain1811]

I'm using OpenSSL 1.1.1i and curl 7.74
Below are the steps that i followed:

Step1: In terminal1, execute openssl s_server -accept localhost:1111 -cert client_cert.pem -key client.key -tls1_2 -CAfile ca/ca_cert.pem -www

Step2: Parallely in terminal2, execute curl -kv https://localhost:1111/

After executing the above steps, i face the below error:
OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal because this is a curl debug build)
multi_done
The cache now contains 0 members
Closing connection 0
Expire cleared (transfer 0x21facb0)
curl_easy_perform() failed: Failure when receiving data from the peer

Basically, the curl community have made their error checking more stricter in their newer versions and hence throw a fatal error when a server abruptly closes a connection without any TLS notification.
But, the question that i had is: Why is s_server abruptly terminating the connection?

I also tried to manually end the connection from the s_server side by using "q", "Q" (without the -www option in step1). But, they don't solve the issue too.

Could you i please get some leads in this?

[mattcaswell]

This is a long standing issue with s_server. It does an unfriendly abrupt shutdown:

openssl/apps/s_server.c

Lines 2708 to 2711 in ee833fe

	if (con != NULL) {
	BIO_printf(bio_s_out, "shutting down SSL\n");
	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
	SSL_free(con);

To shutdown "properly" you are supposed to call SSL_shutdown. This has been fixed in the master branch via #11734 - so the proper shutdown handling will be in 3.0. There is an arguable case to say this is a bug and that PR should be backported to 1.1.1.

[Hussain1811]

Oh!
Thanks a lot for pointing out the PR.