Christian Heimes <li...@cheimes.de> added the comment:
TLS 1.2 has one-way close notify. For example typical HTTP clients like curl send a close_notify and then shut down the TCP connection. HTTP servers may not reply with close_notify or may not wait for the client to confirm the server-side close notify. Python's ssl module does not support one-way close yet. It's an unfortunate limitation of the API that predates my involvement in the ssl module. The unwrap() methods always performs a blocking two-way shutdown. unwrap() calls SSL_shutdown() twice to downgrade a TLS connection to a plain TCP connection. The unwrap() API also requires cooperation from both parties. https://tools.ietf.org/html/rfc5246#section-7.2.1 https://www.openssl.org/docs/manmaster/man3/SSL_shutdown.html ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue39951> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
