From ca56b974b8c5fd16d83efb6930164b30b967137a Mon Sep 17 00:00:00 2001
From: waldek
Date: Mon, 6 Mar 2023 09:50:39 +1100
Subject: [PATCH] simplity the connection close for reverse proxy
---
 jetforce/protocol.py | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/jetforce/protocol.py b/jetforce/protocol.py
index 915bb22..dd83728 100644
--- a/jetforce/protocol.py
+++ b/jetforce/protocol.py
@@ -329,3 +329,22 @@ class ReverseProxyGeminiProtocol(GeminiProtocol):
 "client_certificate": None,
 }
 return environ
+
+ def finish_connection(self) -> None:
+ """
+ Send the TLS "close_notify" alert and then immediately close the TCP
+ connection without waiting for the client to respond with it's own
+ "close_notify" alert.
+
+ > It is acceptable for an application to only send its shutdown alert
+ > and then close the underlying connection without waiting for the
+ > peer's response. This way resources can be saved, as the process can
+ > already terminate or serve another connection. This should only be
+ > done when it is known that the other side will not send more data,
+ > otherwise there is a risk of a truncation attack.
+
+ References:
+ https://github.com/michael-lazar/jetforce/issues/32
+ https://www.openssl.org/docs/man1.1.1/man3/SSL_shutdown.html
+ """
+ self.transport.loseConnection()
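Review bot: The docstring on the new `finish_connection` describes sending a TLS "close_notify" alert, but the body only calls `self.transport.loseConnection()`, and in a class named `ReverseProxyGeminiProtocol` (whose environ sets `"client_certificate": None`) the transport is presumably plain TCP with TLS terminated by the fronting proxy, so no alert would be sent from here. I would replace the docstring with something like `"""Close the plain TCP connection to the proxy; the TLS close_notify towards the client is the proxy's responsibility."""` and keep the issue reference. The quoted truncation-attack caveat then applies to the proxy configuration rather than to this code: a client can only tell a complete response from a truncated one if the proxy turns the backend close into a close_notify, which is worth stating in the reverse-proxy documentation. Minor wording: "it's own" should read "its own". The class body starts outside the hunk, so the base implementation being overridden is not visible here.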