Re: MSIE and ssl-unclean-shutdown

Fri, 21 May 1999 09:12:02 -0700 

Bodo Moeller wrote:
> 
> On Fri, May 21, 1999 at 02:25:23PM +0100, Ben Laurie wrote:
> > Bodo Moeller wrote:
> >> On Fri, May 21, 1999 at 09:08:52AM +0200, Ralf S. Engelschall wrote:
> 
> >>>> What exactly does Apache with mod_ssl do when shutting down an SSL
> >>>> connection (in the default case)?  Does it send its close_notify alert
> >>>> and then send a FIN -- i.e. shutdown(..., SHUT_WR) -- so that the
> >>>> browser still can write TCP data, or does it send the close_notify
> >>>> alert and then immediately perform a (half-duplex) close(...)?
> 
> >>>                                        ^^^^ half? you mean full, right?
> 
> >> Maybe I *mean* "full-duplex", but I did intend to write "half-duplex" :-)
> >> That's the term used in RFC 1122; it looks just as strange to me as it
> >> does to you, but as the standard uses that terminology ...
> 
> > Hmmm ... leaving aside what is meant, the term "half-duplex close" is
> > entirely non-standard ... the correct term is "half-close", surely?
> 
> No, it's exactly the opposite: Instead of keeping a half-closed
> connection (where the party that initiated the close stays in
> FIN-WAIT-2 state and the other party stays in CLOSE-WAIT until it
> decides to close its sending direction too), one party closes both
> directions.  That does not fit into the world-view of RFC 793, but is
> allowed by RFC 1122.  Since these two RFCs are Internet Standards and
> RFC 1122 uses the term "half-duplex close", calling this term "entirely
> non-standard" is, well, entirely non-standard :-)

Aha. I have to admit to being puzzled by the concept, since surely one
party always closes both directions (unless they do a half-close)? Or is
the point that there are only two kinds of close: a half-close and a
half-duplex close?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to