Hello,
May I please have help on this issue? Thanks in advance! I had a stunnel server and client communicating with TLSv1.2 (both of them are stunnel 5.55 and OpenSSL-1.1.1d) on CentOS 7 based Linux (kernel was updated as 4.19.0). The case is that client sends a HTTP request to server, and then server responds a payload with more than 640KB size. Normally, the server will close the connection by sending an alert firstly. The issue is that sometimes (not 100% reproducible), stunnel client reported: "TLS socket closed (read hangup)". and then closed the TLS socket. So I could find an alert sent from client to server firstly from tcpdump. Consequently, this caused the application reported "unexpected end of input?" as there should be more data to be received. I added a few debug logic and I indeed found that: there were occurrences that if stunnel client did not close the TLS socket, it could read more data from TLS socket in next poll loop: -------------------- 03:59:46 localhost stunnel: LOG6[0]: MingL: POLLRDHUP: 8192 03:59:46 localhost stunnel: LOG6[0]: MingL: ioctlsocket: 0 03:59:46 localhost stunnel: LOG6[0]: MingL: bytes: 0 <== client didn't close the sock in my debug version. 03:59:46 localhost stunnel: LOG6[0]: MingL: after checking 03:59:46 localhost stunnel: LOG6[0]: MingL: s_poll_wait: return 1 03:59:46 localhost stunnel: LOG6[0]: MingL: sock_can_rd: n 03:59:46 localhost stunnel: LOG6[0]: MingL: sock_can_wr: Y 03:59:46 localhost stunnel: LOG6[0]: MingL: ssl_can_rd: n 03:59:46 localhost stunnel: LOG6[0]: MingL: ssl_can_wr: n 03:59:46 localhost stunnel: LOG6[0]: MingL: pending: 1 03:59:46 localhost stunnel: LOG6[0]: MingL: write to sock 18432 03:59:46 localhost stunnel: LOG6[0]: MingL: read_wants_read Y 03:59:46 localhost stunnel: LOG6[0]: MingL: write_wants_writen 03:59:46 localhost stunnel: LOG6[0]: MingL: read from TLS 10168 <== then I observed the further read from TLS. -------------------- Any help will be appreciated! Ming
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
