Skip to content

Add :shutdown() method for ending the TLS session before :close() #203

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add :shutdown() method for ending the TLS session before :close() #203

wants to merge 1 commit into from

Conversation

@mwild1
Copy link
Contributor

@mwild1 mwild1 commented Feb 6, 2025

This allows applications to separate ending the TLS session from closing the underlying socket. In particular, it enables us to avoid needing to set the socket to blocking mode during close().

We need this to avoid a problem that can cause Prosody servers to block during connection close on some systems. More details in this prosody-dev mailing list post.

@mwild1
Add :shutdown() method for ending the TLS session before :close()
7cfb91d 
This allows applications to separate ending the TLS session from closing the
underlying socket. In particular, it enables us to avoid needing to set the
socket to blocking mode during close().
@Neustradamus

This comment was marked as abuse.

Sign in to view
@hishamhm

This comment was marked as off-topic.

Sign in to view
@Neustradamus

This comment was marked as abuse.

Sign in to view
@mwild1

This comment was marked as outdated.

Sign in to view
alerque
alerque reviewed Mar 10, 2025
View reviewed changes
Copy link
Member

@alerque alerque left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any hope of getting test coverage on this?

@brunoos
Copy link
Member

brunoos commented Mar 14, 2025

Sorry, I'm very busy these past days...

In general the patch seem to work, but I have some comments:

  • In "case 0" of shutdown, it could return a string "inprogress" as error, instead of return nothing
  • The connection state should be mark as closed in the case 0 also, since shutdown close the session immediately
  • Shutdown state should use 3 state values instead of 0/1 and stop using the close state to control it

It would be good to look for if there is a way to recover the shutdown state directly from openssl, so as not to replicate the state in luasec

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alerque alerque alerque left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mwild1 @Neustradamus @hishamhm @brunoos @alerque