Hi misc@
I am running relayd as a reverse TLS proxy on OpenBSD 6.3 release with
the GENERIC kernel. I have noticed two issues that happen: (1) netstat
reports that the Recv-q for the ip protocol steadily climbs and never
goes back to 0 unless I restart relayd and (2) I am getting a lot of
spurious TLS handshake errors that I can't pin down. I am running relayd
with relayd -vv logging. Below is output from my relayd.log and dmesg.
Thanks,
Matt
/var/log/relayd:
Apr 5 23:45:43 panther relayd[94018]: startup
Apr 5 23:46:08 panther relayd[43579]: relay_tls_transaction: session 1:
scheduling on EV_READ
Apr 5 23:46:08 panther relayd[43579]: relay ghost, tls session 1
established (1 active)
Apr 5 23:46:15 panther relayd[43579]: relay_tls_transaction: session 2:
scheduling on EV_READ
Apr 5 23:46:15 panther relayd[43579]: relay ghost, tls session 2
established (1 active)
Apr 5 23:46:15 panther relayd[43579]: relay_tls_transaction: session 3:
scheduling on EV_READ
Apr 5 23:46:15 panther relayd[43579]: relay ghost, tls session 3
established (1 active)
Apr 5 23:46:15 panther relayd[43579]: relay_tls_transaction: session 4:
scheduling on EV_READ
Apr 5 23:46:15 panther relayd[11143]: relay_tls_transaction: session 1:
scheduling on EV_READ
Apr 5 23:46:15 panther relayd[43579]: relay ghost, tls session 4
established (2 active)
Apr 5 23:46:15 panther relayd[11143]: relay ghost, tls session 1
established (1 active)
Apr 5 23:46:21 panther relayd[11143]: relay_tls_transaction: session 2:
scheduling on EV_READ
Apr 5 23:46:22 panther relayd[11143]: relay ghost, tls session 2
established (1 active)
Apr 5 23:47:04 panther relayd[11143]: relay_tls_transaction: session 3:
scheduling on EV_READ
Apr 5 23:47:04 panther relayd[11143]: relay ghost, tls session 3
established (1 active)
Apr 5 23:47:09 panther relayd[11143]: relay_tls_transaction: session 4:
scheduling on EV_READ
Apr 5 23:47:09 panther relayd[11143]: relay ghost, tls session 4
established (2 active)
Apr 5 23:47:09 panther relayd[73657]: relay_tls_transaction: session 1:
scheduling on EV_READ
Apr 5 23:47:09 panther relayd[11143]: relay_tls_transaction: session 5:
scheduling on EV_READ
Apr 5 23:47:09 panther relayd[73657]: relay ghost, tls session 1
established (1 active)
Apr 5 23:47:09 panther relayd[11143]: relay ghost, tls session 5
established (1 active)
Apr 5 23:48:23 panther relayd[73657]: relay_tls_transaction: session 2:
scheduling on EV_READ
Apr 5 23:48:23 panther relayd[73657]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:1402610B:SSL
routines:ACCEPT_SR_CLNT_HELLO:wrong version number
Apr 5 23:48:23 panther relayd[73657]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:23 panther relayd[73657]: relay_tls_transaction: session 3:
scheduling on EV_READ
Apr 5 23:48:23 panther relayd[73657]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:1402710B:SSL
routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number
Apr 5 23:48:23 panther relayd[73657]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:24 panther relayd[73657]: relay_tls_transaction: session 4:
scheduling on EV_READ
Apr 5 23:48:24 panther relayd[73657]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:1402710B:SSL
routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number
Apr 5 23:48:24 panther relayd[73657]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:24 panther relayd[43579]: relay_tls_transaction: session 5:
scheduling on EV_READ
Apr 5 23:48:24 panther relayd[43579]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:1402710B:SSL
routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number
Apr 5 23:48:24 panther relayd[43579]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:24 panther relayd[73657]: relay_tls_transaction: session 5:
scheduling on EV_READ
Apr 5 23:48:24 panther relayd[73657]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:1402710B:SSL
routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number
Apr 5 23:48:24 panther relayd[73657]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:24 panther relayd[43579]: relay_tls_transaction: session 6:
scheduling on EV_READ
Apr 5 23:48:24 panther relayd[43579]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: unexpected EOF
Apr 5 23:48:24 panther relayd[43579]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:25 panther relayd[43579]: relay_tls_transaction: session 7:
scheduling on EV_READ
Apr 5 23:48:25 panther relayd[43579]: TLS handshake failed: ghost:
relay_tls_handshake: handshake failed: error:140270C1:SSL
routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher
Apr 5 23:48:25 panther relayd[43579]: relay_close: sessions inflight
decremented, now 0
Apr 5 23:48:25 panther relayd[11143]: relay_tls_transaction: session 6:
scheduling on EV_READ
Apr 5