On Fri, 11 May 2007, Howard Chu wrote:

That sounds like you're seeing a bug in the kernel's TCP stack then. A TCP close sends a FIN to the other end and is required to wait for the FIN to be ACK'd before the connection can be torn down. (Subject to 2MSL timeout.) That is most certainly not our problem.

The FIN sent by the client *is* ACKed by the server. The data sent by the client is reliably delivered. The issue is the behavior when data is sent to a endpoint which has already called close(). The data can't be delivered to the application, so the kernel send back a RST to inform the other end of the data loss. That issue---the data loss---is a direct result of the server sending a TLS close_notify and client not reading it before closing the socket. Unless one of those changes, a RST must be generated to report the data loss to the sender.

All the UNIX versions that I have tried behave as described. If this is a bug in TCP stacks, it is *very* well entrenched.

Philip Guenther