5

I'm trying to create a custom FTP server with TcpListener over SSL.

When closing the connections, the client generates an error because, when the socket gets shut down, it is not sending the close-notify alert, which I have read is not considered in the .NET TLS implementation.

What would be the best way to add this behavior to my server? How do I send this alert? Is it as simple as writing the string to the SSL stream or wrapped stream?

I would appreciate it if someone could point me in the right direction.

Thanks

Arturo Martinez

2 Answers

3

I found that SslStream just simply does not support this, so the only alternative I see at this moment is to send it manually. It is what I would call "manual sunset".

I posted my code here (since it was the earliest mention of the problem I could find). Please have a look and advise if it helps you.

I hope Microsoft will find time to fix it in the next versions of the framework.

Neco
  • Thanks for posting this. I need to implement it in my framework. – Arturo Martinez Mar 27 '14 at 14:00
  • Microsoft has acknowledged this behavior but is refusing to fix this. It sounds like they're saying it's the other side's fault: https://connect.microsoft.com/VisualStudio/feedback/details/788752/sslstream-does-not-properly-send-the-close-notify-alert – James Feb 17 '17 at 20:35
1

close-notify should be sent automatically by the SSL layer when you close the socket, if you were the end that closed first. If you were the end that received EOS and so you are closing in response, RFC 2246 allows for close-notify not to be sent in response.

You can't send it yourself.

user207421
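
An added illustration, not code from either answer or from .NET: close-notify is a TLS alert record (content type 21) emitted by the record layer, not a string written into the application stream. This Python example walks the records in one direction of a captured TLS 1.0 to 1.2 connection and reports whether the sender finished with an alert record, which is how you can confirm from a capture whether a server closed cleanly; the function names and sample bytes are constructed for the example.

```python
import struct

# TLS record content types (RFC 2246, section 6.2.1).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

def parse_records(stream: bytes):
    """Yield (type_name, version, payload) for each TLS record in the stream.
    Raises ValueError if the bytes stop inside a header or body."""
    offset = 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("stream ends inside a record header")
        ctype, version, length = struct.unpack_from("!BHH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype}")
        payload = stream[offset + 5: offset + 5 + length]
        if len(payload) < length:
            raise ValueError("stream ends inside a record body")
        yield CONTENT_TYPES[ctype], version, payload
        offset += 5 + length

def classify_close(stream: bytes) -> str:
    """Describe how one direction of a connection ended.
    Applies to TLS <= 1.2; TLS 1.3 hides post-handshake alerts in type-23 records."""
    try:
        records = list(parse_records(stream))
    except ValueError:
        return "truncated-record"
    if not records:
        return "no-records"
    name, _version, payload = records[-1]
    if name != "alert":
        return "no-alert"           # closed without any alert: the case in the question
    if payload == b"\x01\x00":      # level=warning(1), description=close_notify(0)
        return "close_notify"
    # Once keys are active the alert body is ciphertext, so its kind is not visible.
    return "encrypted-alert" if len(payload) > 2 else "other-alert"

# Constructed sample records (version 0x0301 = TLS 1.0), not taken from a real capture.
APP_DATA = bytes.fromhex("17 03 01 00 04") + b"\xaa\xbb\xcc\xdd"
PLAIN_CLOSE = bytes.fromhex("15 03 01 00 02 01 00")
ENC_ALERT = bytes.fromhex("15 03 01 00 18") + bytes(range(24))

if __name__ == "__main__":
    for label, data in [("clean close", APP_DATA + ENC_ALERT),
                        ("socket closed only", APP_DATA)]:
        print(label, "->", classify_close(data))
```

A peer that enforces the alert treats the "no-alert" case as a possible truncation, which is why the client in the question reports an error.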