On Wed, Mar 19, 2014 at 3:18 PM, Ángel González <keis...@gmail.com> wrote: > On 19/03/14 12:52, Tim Ruehsen wrote: > > On Tuesday 18 March 2014 20:05:07 Daniel Kahn Gillmor wrote: > > On 03/18/2014 05:31 PM, Tim Rühsen wrote: > > $ wget -d --ca-certificate=ca-rsa-cert.pem > --private-key=ca-rsa-key-plain.pem https://example.com:8443 > 2014-03-18 21:48:04 (1.88 GB/s) - Read error at byte 5116 (The TLS > connection was non-properly terminated.).Retrying. > > There seems to be a problem in Wget 1.15 (on Debian SID)... > > ... > In our case, the connection shutdown by the server generates an error at the > Wget side. (I guess this is a difference between SSL and plain TCP > connections.) > Wget assumes the transfer being incomplete and tries it again and again. > Not really a bug, but also not the result a user would expect... > Saying "the server is buggy" doesn't help either. > > > In order to close a ssl session, the server should send a close_notify > message, > which seems to be what the server is not doing (in addition of not providing > the Content-Length). > IIS is a well-known server not doing it: > https://bugs.php.net/bug.php?id=23220 That's actually OpenSSL's s_server (unless Tim's tests were carried out with a different platform).
Jeff