Boost Beast Translation (zh_Hans)/Doc / Qbk / 03 Core / 10 Ssl Tls Shutdown (qbk) — Chinese (Simplified Han script) @ Boost-Weblate: This is a rare case and indeed a security issue …

Zen

Translation

Source string description

type: paragraph

English

Chinese (Simplified Han script)

Needs editing (Needs rewriting)

Skip

	English	Chinese (Simplified Han script)	Actions
	SSL/TLS Shutdown	SSL/TLS Shutdown
	A secure SSL/TLS connection requires a proper shutdown process to securely indicate the [@https://en.wikipedia.org/wiki/End-of-file ['EOF]] condition. This process prevents a type of attack known as a [@https://en.wikipedia.org/wiki/Transport_Layer_Security#Truncation_attack ['truncation attack]] in which an attacker can close the underlying transport layer and control the length of the last message in the SSL/TLS connection. A shutdown process consists of exchanging `close_notify` message between two parties. In __Asio__ these steps happen by calling `shutdown()` or `async_shutdown()` on `ssl::stream` object.	A secure SSL/TLS connection requires a proper shutdown process to securely indicate the [@https://en.wikipedia.org/wiki/End-of-file ['EOF]] condition. This process prevents a type of attack known as a [@https://en.wikipedia.org/wiki/Transport_Layer_Security#Truncation_attack ['truncation attack]] in which an attacker can close the underlying transport layer and control the length of the last message in the SSL/TLS connection. A shutdown process consists of exchanging `close_notify` message between two parties. In __Asio__ these steps happen by calling `shutdown()` or `async_shutdown()` on `ssl::stream` object.
	error::stream_truncated	error::stream_truncated
	There are SSL/TLS implementations that don't perform a proper shutdown process and simply close the underlying transport layer instead. As a result, the EOF condition in these applications is not cryptographically secure and should not be relied upon. However, there are scenarios where an HTTPS client or server doesn't need EOF for determining the end of the last message:	There are SSL/TLS implementations that don't perform a proper shutdown process and simply close the underlying transport layer instead. As a result, the EOF condition in these applications is not cryptographically secure and should not be relied upon. However, there are scenarios where an HTTPS client or server doesn't need EOF for determining the end of the last message:
	* The HTTP message has a `Content-Length` header, and the body is fully	* The HTTP message has a `Content-Length` header, and the body is fully
	* The HTTP message uses chunked transfer encoding, and the final chunk is	* The HTTP message uses chunked transfer encoding, and the final chunk is
	* The HTTP message doesn't contain a body, such as any response with a 1xx	* The HTTP message doesn't contain a body, such as any response with a 1xx
	In such scenarios, `http::read` or `http::async_read` operations succeed as they don't need EOF to complete. However, the next operation on the stream would fail with an [@boost:/doc/html/boost_asio/reference/ssl__error__stream_errors.html `net::ssl::error::stream_truncated`] error.	In such scenarios, `http::read` or `http::async_read` operations succeed as they don't need EOF to complete. However, the next operation on the stream would fail with an [@boost:/doc/html/boost_asio/reference/ssl__error__stream_errors.html `net::ssl::error::stream_truncated`] error.
	For example, let's assume we are using Beast for communicating with an HTTPS server that doesn't perform a proper SSL/TLS shutdown:	For example, let's assume we are using Beast for communicating with an HTTPS server that doesn't perform a proper SSL/TLS shutdown:
	Non-Compliant Peers and Unknown Body Length	Non-Compliant Peers and Unknown Body Length
	This is a rare case and indeed a security issue when HTTPS servers don't perform a proper SSL/TLS shutdown procedure and send an HTTP response message that relies on EOF to determine the end of the body. This is a security concern because without an SSL/TLS shutdown procedure, the EOF is not cryptographically secure, leaving the message body vulnerable to truncation attacks.	This is a rare case and indeed a security issue when HTTPS servers don't perform a proper SSL/TLS shutdown procedure and send an HTTP response message that relies on EOF to determine the end of the body. This is a security concern because without an SSL/TLS shutdown procedure, the EOF is not cryptographically secure, leaving the message body vulnerable to truncation attacks.
	The following is an example that can read an HTTP response from such a server:	The following is an example that can read an HTTP response from such a server:

	English	Chinese (Simplified Han script)	Actions
	SSL/TLS Shutdown	SSL/TLS Shutdown
	A secure SSL/TLS connection requires a proper shutdown process to securely indicate the [@https://en.wikipedia.org/wiki/End-of-file ['EOF]] condition. This process prevents a type of attack known as a [@https://en.wikipedia.org/wiki/Transport_Layer_Security#Truncation_attack ['truncation attack]] in which an attacker can close the underlying transport layer and control the length of the last message in the SSL/TLS connection. A shutdown process consists of exchanging `close_notify` message between two parties. In __Asio__ these steps happen by calling `shutdown()` or `async_shutdown()` on `ssl::stream` object.	A secure SSL/TLS connection requires a proper shutdown process to securely indicate the [@https://en.wikipedia.org/wiki/End-of-file ['EOF]] condition. This process prevents a type of attack known as a [@https://en.wikipedia.org/wiki/Transport_Layer_Security#Truncation_attack ['truncation attack]] in which an attacker can close the underlying transport layer and control the length of the last message in the SSL/TLS connection. A shutdown process consists of exchanging `close_notify` message between two parties. In __Asio__ these steps happen by calling `shutdown()` or `async_shutdown()` on `ssl::stream` object.
	error::stream_truncated	error::stream_truncated
	There are SSL/TLS implementations that don't perform a proper shutdown process and simply close the underlying transport layer instead. As a result, the EOF condition in these applications is not cryptographically secure and should not be relied upon. However, there are scenarios where an HTTPS client or server doesn't need EOF for determining the end of the last message:	There are SSL/TLS implementations that don't perform a proper shutdown process and simply close the underlying transport layer instead. As a result, the EOF condition in these applications is not cryptographically secure and should not be relied upon. However, there are scenarios where an HTTPS client or server doesn't need EOF for determining the end of the last message:
	* The HTTP message has a `Content-Length` header, and the body is fully	* The HTTP message has a `Content-Length` header, and the body is fully
	* The HTTP message uses chunked transfer encoding, and the final chunk is	* The HTTP message uses chunked transfer encoding, and the final chunk is
	* The HTTP message doesn't contain a body, such as any response with a 1xx	* The HTTP message doesn't contain a body, such as any response with a 1xx
	In such scenarios, `http::read` or `http::async_read` operations succeed as they don't need EOF to complete. However, the next operation on the stream would fail with an [@boost:/doc/html/boost_asio/reference/ssl__error__stream_errors.html `net::ssl::error::stream_truncated`] error.	In such scenarios, `http::read` or `http::async_read` operations succeed as they don't need EOF to complete. However, the next operation on the stream would fail with an [@boost:/doc/html/boost_asio/reference/ssl__error__stream_errors.html `net::ssl::error::stream_truncated`] error.
	For example, let's assume we are using Beast for communicating with an HTTPS server that doesn't perform a proper SSL/TLS shutdown:	For example, let's assume we are using Beast for communicating with an HTTPS server that doesn't perform a proper SSL/TLS shutdown:
	Non-Compliant Peers and Unknown Body Length	Non-Compliant Peers and Unknown Body Length
	This is a rare case and indeed a security issue when HTTPS servers don't perform a proper SSL/TLS shutdown procedure and send an HTTP response message that relies on EOF to determine the end of the body. This is a security concern because without an SSL/TLS shutdown procedure, the EOF is not cryptographically secure, leaving the message body vulnerable to truncation attacks.	This is a rare case and indeed a security issue when HTTPS servers don't perform a proper SSL/TLS shutdown procedure and send an HTTP response message that relies on EOF to determine the end of the body. This is a security concern because without an SSL/TLS shutdown procedure, the EOF is not cryptographically secure, leaving the message body vulnerable to truncation attacks.
	The following is an example that can read an HTTP response from such a server:	The following is an example that can read an HTTP response from such a server:

Loading…

admin

String added in the repository

English

Chinese (Simplified Han script) 377 characters editedCurrent translationState: Needs editing (Needs rewriting)

06/05/2026

Browse all string changes

Things to check

Unchanged translation

Source and translation are identical.

Reset

Glossary

English	Chinese (Simplified Han script)
No related strings found in the glossary.

String information

Source string description

type: paragraph

Unit identifier

57796

Source string location

string ID 57

String age

06/05/2026

Last updated

06/05/2026

Source string age

06/05/2026

Translation file QuickBook file

doc/qbk/03_core/10_ssl_tls_shutdown_zh_Hans.qbk, string 11

Shortcut	Action
`?`	Open available keyboard shortcuts.
`Alt` + `Home`	Navigate to the first translation in the current search.
`Alt` + `End`	Navigate to the last translation in the current search.
`Alt` + `PageUp` or `Ctrl` + `↑` or `Alt` + `↑` or `Cmd` + `↑` or	Navigate to the previous translation in the current search.
`Alt` + `PageDown` or `Ctrl` + `↓` or `Alt` + `↓` or `Cmd` + `↓` or	Navigate to the next translation in the current search.
`Ctrl` + `Enter` or `Cmd` + `Enter`	Submit current form; this works the same as pressing Save and continue while editing translation.
`Ctrl` + `Shift` + `Enter` or `Cmd` + `Shift` +`Enter`	Unmark translation as Needing edit and submit it.
`Alt` + `Enter` or `Option` + `Enter`	Submit the string as a suggestion; this works the same as pressing Suggest while editing translation.
`Ctrl` + `E` or `Cmd` + `E`	Focus on translation editor.
`Ctrl` + `U` or `Cmd` + `U`	Focus on comment editor.
`Ctrl` + `M` or `Cmd` + `M`	Shows Automatic suggestions tab.
`Ctrl` + `1` to `Ctrl` + `9` or `Cmd` + `1` to `Cmd` + `9`	Copies placeable of a given number from source string.
`Ctrl` + `M` followed by `1` to `9` or `Cmd` + `M` followed by `1` to `9`	Copy the machine translation of a given number to current translation.
`Ctrl` + `I` followed by `1` to `9` or `Cmd` + `I` followed by `1` to `9`	Ignore one item in the list of failing checks.
`Ctrl` + `J` or `Cmd` + `J`	Shows the Nearby strings tab.
`Ctrl` + `S` or `Cmd` + `S`	Focus on search field.
`Ctrl` + `O` or `Cmd` + `O`	Copy the source string.
`Ctrl` + `Y` or `Cmd` + `Y`	Toggle the Needs editing checkbox.
`→`	Browse the next translation string.
`←`	Browse the previous translation string.

Translation

Things to check

Unchanged translation

Glossary

String information

Source string description

Details

Unit identifier

Source string location

String age

Last updated

Source string age

Translation file QuickBook file