[gnutls-help] Clean TLS shutdown

Yoran Heling info at yorhel.nl
Fri Mar 1 12:03:50 CET 2013


Hello,

I'm trying to figure out how to perform a clean shutdown of a TLS
session, and how the API communicates that back to the application.

From what I understand so far, if either end of the connection wishes to
close the session, it would call gnutls_bye() with GNUTLS_SHUT_RDWR.
Assuming the other end of the session is waiting for input with
gnutls_record_recv(), it will detect this shutdown request with _recv()
returning 0 (EOF).

What should the receiving end do in such a case? If it calls close() on
the underlying socket, will the gnutls_bye() fail with an error on the
other end?  Should it call gnutls_bye() itself for that to succeed?

Related to the above, is my understanding correct that when either end
closes the underlying socket without initiating a gnutls_bye(), the
gnutls_record_recv() on the other end will fail with an error?

Any clarification on this subject is appreciated.

Yoran.


