Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop

Phil Pennock gnupg-devel at spodhuis.org
Thu Feb 28 01:38:42 CET 2013


I've filed an issue to ensure this can be tracked, with a hope of
getting it resolved before the next release of GnuPG.

  https://bugs.g10code.com/gnupg/issue1479

TCP half-close is, to me, sane and rational, but it is a grey area in
HTTP and the nginx developers are probably not alone in treating it as
"probably a connection abort, stop the proxying".  Getting curl-shim to
behave more like cURL itself, which does not use TCP half-closes, will
lead to the most interoperable outcome.

Beware that getting these requests to fail can be highly latency
sensitive.  Kristian's server aborts the connections fairly reliably;
when I shoved my system load to 5x the number of CPUs, I could
*sometimes* see it fail (I guess 5% from VM on laptop in Eastern USA to
colo machine in NL) whereas Kristian (in Scandinavia) could see it fail
much more reliably, 50% to 90% of the time.

-Phil



More information about the Gnupg-devel mailing list