I’‘ve tried a lot of options with the scenario in the subject to try to narrow down the hang on disconnect problem. I have narrowed the problem down to GnuTLS. I can not say whether it is Gaim’'s use of GnuTLS, or GnuTLS itself, but here is what all I tested:
Note: All of these are from gaim or a gaim based client
Tried to connect/disconnect via port 5222/TLS: hangs on disconnect
Tried to connect/disconnect via port 5223 (old style SSL): no problems
Tried to connect/disconnect via port 5222/TLS to an ejabberd server: hangs on disconnect
Built gaim against latest (1.4.0) GnuTLS and connect/disconnect: hangs on disconnect
Built gaim against NSS (mozilla’'s ssl/tls libs) and connect/disconnect: no problems
So the moral of the story here is, if you can use a gaim based client compiled against Mozilla’'s NSS stuff, then you will avoid the hang on disconnect issue. If you can not recompile it, try “force old ssl” on port 5223 (and make sure your server is configured to allow this) and that should resolve the issue.
I don’'t believe this is something that can (or should) really be accounted for on the server side.