On Thu, Sep 7, 2023 at 6:09 PM Yann Ylavic <ylavic....@gmail.com> wrote: > > On Wed, Aug 30, 2023 at 1:22 PM Rainer Jung <rainer.j...@kippdata.de> wrote: > > > > OpenSSL 3 flags some abortive shutdowns as an error different to what > > 1.1.1 did. This results in info log output in httpd: > > > > [Tue Aug 29 12:33:06.787210 2023] [ssl:info] [pid 1994673:tid 1994737] > > SSL Library Error: error:0A000126:SSL routines::unexpected eof while reading > > [Tue Aug 29 12:33:06.787374 2023] [ssl:info] [pid 1994673:tid 1994737] > > [client 1.2.3.4:54790] AH01998: Connection closed to child 215 with > > abortive shutdown (server myserver:443) > > The info looks legit to me (someone closed the connection with no > close_notify), possibly we want to log it at APLOG_DEBUG/TRACEx still > if it happens too often? > We don't do that though for SSL_ERROR_ZERO_RETURN in openssl < 3, but > maybe we should too like in the attached patch (instead of r1912015)?
Scratch that patch, SSL_ERROR_ZERO_RETURN is actually when close_notify was received, we'd rather need to test SSL_ERROR_SYSCALL && errno == 0 with openssl < 0, which is more tricky in httpd with the EOS bucket vs APR_EOF. Hm, not sure we want to complicate this more.. > > Regards; > Yann.
