我们使用SSLHandler的netty服务器不响应来自peer的close_notify和FIN。要求是netty SslHandler应该根据RFC发送close_notify。我们在Opensslengine中使用Netty-4.1.17。
7.2.1. Closure Alerts [[https://tools.ietf.org/html/rfc5246#section-7.2.1]]
The client and the server must share knowledge that the connection is
ending in order to avoid a truncation attack.
[...]
Unless some other fatal alert has been transmitted, each party is
required to send a close_notify alert before closing the write side
of the connection. The other party MUST respond with a close_notify
alert of its own and close down the connection immediately,
discarding any pending writes.
答案 0 :(得分:0)
我认为这在后来的netty版本中得到了修复。请升级到最新版本