Ticket Change Details
Overview

Artifact ID: e19f4fb8d0558e1653ef5555c02330b71d11907a7c56497dbe6bebbecfbf9844
Ticket: ad8604520ea45d39112209469c9d6cfa3456fdee
Server accept invoked before handshake completed
User & Date: anonymous 2021-10-10 16:46:37
Changes

  1. foundin changed to: "1.7.22"
  2. icomment:
    Server code:
    proc accept {so args} {
       puts $so $args; flush $so; close $so
    }
    socket -server accept 10001;# Plain old Tcl socket
    tls::socket -server accept 10002;# TLS socket
    
    On client side: Plain old sockets work
    % set so [socket localhost 10001]; gets $so
    ::1 58824
    
    TLS sockets get an error:
    % set so [tls::socket localhost 10002]; gets $so
    error reading "sock0000019561DCF4C0": software caused connection abort
    
    errorInfo shows:
    SSL channel "sock0000019561DCF4C0": error: sslv3 alert handshake failure
    
    Note that if the client initiates data flow, everything works fine. However, I do not believe this is a requirement for TLS. Client side has to initiate negotiation but the data flow may begin from either end.
    
    My feeling is that the server side accept procedure should not be called until TLS negotiation is done AND client should initiate handshake without waiting for application to push user data.
    
    /Ashok
    
  3. login: "anonymous"
  4. mimetype: "text/x-markdown"
  5. severity changed to: "Important"
  6. status changed to: "Open"
  7. title changed to: "Server accept invoked before handshake completed"
  8. type changed to: "Code Defect"