Re: [Bug-wget] Read error at byte ...

[Tim Ruehsen]

On Wednesday 19 March 2014 15:27:04 Jeffrey Walton wrote:
> On Wed, Mar 19, 2014 at 3:18 PM, Ángel González <address@hidden> wrote:
> > On 19/03/14 12:52, Tim Ruehsen wrote:
> > 
> > On Tuesday 18 March 2014 20:05:07 Daniel Kahn Gillmor wrote:
> > 
> > On 03/18/2014 05:31 PM, Tim Rühsen wrote:
> > 
> > $ wget -d --ca-certificate=ca-rsa-cert.pem
> > --private-key=ca-rsa-key-plain.pem https://example.com:8443
> > 2014-03-18 21:48:04 (1.88 GB/s) - Read error at byte 5116 (The TLS
> > connection was non-properly terminated.).Retrying.
> > 
> > There seems to be a problem in Wget 1.15 (on Debian SID)...
> > 
> > ...
> > In our case, the connection shutdown by the server generates an error at
> > the Wget side. (I guess this is a difference between SSL and plain TCP
> > connections.)
> > Wget assumes the transfer being incomplete and tries it again and again.
> > Not really a bug, but also not the result a user would expect...
> > Saying "the server is buggy" doesn't help either.
> > 
> > 
> > In order to close a ssl session, the server should send a close_notify
> > message,
> > which seems to be what the server is not doing (in addition of not
> > providing the Content-Length).
> > IIS is a well-known server not doing it:
> > https://bugs.php.net/bug.php?id=23220
> 
> That's actually OpenSSL's s_server (unless Tim's tests were carried
> out with a different platform).

I took the example OpenSSL server invocation from your original post:
$ openssl s_server -accept 8443 -www -certform PEM -cert server-rsa-cert.pem -
keyform PEM -key server-rsa-key-plain.pem -tls1 -cipher kRSA:HIGH:-EDH

Tim