Description
When a HTTPs response with a large content body is sent, then not all bytes will be transferred and the connection will hang indefinitely until it reaches a timeout.
Example request:
curl -X 'GET' -k
'https://192.168.200.232/v2/endpoint'
-H 'accept: application/json'
-H 'Authorization: Basic dGVzdDo=' --trace-time -v
Note: Unnecessary use of -X or --request, GET is already inferred.
15:44:55.711265 * Trying 192.168.200.232:443...
15:44:55.717252 * Connected to 192.168.200.232 (192.168.200.232) port 443 (#0)
15:44:55.719318 * ALPN, offering h2
15:44:55.719346 * ALPN, offering http/1.1
15:44:55.719472 * TLSv1.0 (OUT), TLS header, Certificate Status (22):
15:44:55.719503 * TLSv1.3 (OUT), TLS handshake, Client hello (1):
15:44:55.761049 * TLSv1.2 (IN), TLS header, Certificate Status (22):
15:44:55.761226 * TLSv1.3 (IN), TLS handshake, Server hello (2):
15:44:55.761775 * TLSv1.2 (IN), TLS header, Finished (20):
15:44:55.761849 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.761886 * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
15:44:55.761913 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.761999 * TLSv1.3 (IN), TLS handshake, Certificate (11):
15:44:55.763293 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.763344 * TLSv1.3 (IN), TLS handshake, CERT verify (15):
15:44:55.763410 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.763449 * TLSv1.3 (IN), TLS handshake, Finished (20):
15:44:55.763489 * TLSv1.2 (OUT), TLS header, Finished (20):
15:44:55.763513 * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
15:44:55.763558 * TLSv1.2 (OUT), TLS header, Supplemental data (23):
15:44:55.763591 * TLSv1.3 (OUT), TLS handshake, Finished (20):
15:44:55.763633 * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
15:44:55.763656 * ALPN, server did not agree to a protocol
15:44:55.763675 * Server certificate:
15:44:55.763690 * subject:
15:44:55.763699 * start date: Oct 4 08:46:14 2023 GMT
15:44:55.763707 * expire date: Sep 10 08:46:14 2123 GMT
15:44:55.763722 * issuer:
15:44:55.763752 * SSL certificate verify result: self-signed certificate in certificate chain (19), continuing anyway.
15:44:55.763795 * TLSv1.2 (OUT), TLS header, Supplemental data (23):
15:44:55.763831 > GET /v2/endpoint HTTP/1.1
15:44:55.763831 > Host: 192.168.200.232
15:44:55.763831 > User-Agent: curl/7.81.0
15:44:55.763831 > accept: application/json
15:44:55.763831 > Authorization: Basic dGVzdDo=
15:44:55.763831 >
15:44:55.776094 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.776234 * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
15:44:55.776353 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:55.776497 * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
15:44:55.776742 * old SSL session ID is stale, removing
15:44:56.901714 * TLSv1.2 (IN), TLS header, Supplemental data (23):
15:44:56.910324 * Mark bundle as not supporting multiuse
15:44:56.910420 < HTTP/1.1 200 OK
15:44:56.910559 < content-length: 56531
15:44:56.910639 < content-type: application/json; charset=utf-8
15:44:56.910772 < server: backend-api/0.1.0.6822
15:44:56.910938 < access-control-allow-origin: *
15:44:56.911114 < date: Mon, 27 Nov 2023 14:44:52 GMT
15:44:56.911246 <
{"json_content_that_will_be_cut_off
15:44:56.912609 * TLSv1.2 (IN), TLS header, Supplemental data (23):
^C ////// <<<< timeout
Is it possible that the last chunk of data is not flushed to the output?