[
https://issues.apache.org/jira/browse/TS-3597?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14542837#comment-14542837
]
Leif Hedstrom commented on TS-3597:
-----------------------------------
Ya, I can't reproduce it on docs.trafficserver (RHEL7) but it reproduces easily
on production (RHEL6). But it's not consistent, you might have to try like 3-5
requests before you get a handshake failure. I'm positive it's the commit
causing this, if I back out that one commit, it works fine (2a8bb593fd).
> TLS can fail accept / handshake since commit 2a8bb593fd
> -------------------------------------------------------
>
> Key: TS-3597
> URL: https://issues.apache.org/jira/browse/TS-3597
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Leif Hedstrom
> Assignee: Susan Hinrichs
> Priority: Critical
> Fix For: 6.0.0
>
>
> At least under certain conditions (slightly unclear,but possible a race with
> multiple NUMA nodes), we fail to accept / TLS handshake. I've tracked this
> down to the commit from 2a8bb593fdd7ca9125efad76e27f3f17f5bca794.
> The commit prior to this does not expose the problem. [~gancho] also
> discovered that this problem is only triggered when accept thread is off (0).
> Also from [~gancho], when this reproduces, a command like e.g. this will fail
> the handshake completely (no ciphers):
> {code}
> openssl s_client -connect 10.1.2.3:443 -tls1 -servername some.host.com
> {code}
> Also, since this only happens with accept thread off (0), which implies
> accept on every ET_NET thread, maybe there's some sort of race condition
> going on here? That's just a wild speculation though.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
