[stunnel-users] Effect of SIGHUP on connections

Philippe Anctil philippe.anctil at gmail.com
Fri Feb 12 23:39:37 CET 2016


2016-02-12 11:52 GMT-05:00 Michal Trojnara <Michal.Trojnara at stunnel.org>:

> On 11.02.2016 21:10, Philippe Anctil wrote:
> > My test is simple. I try to establish 10 connections at 1-second
> > intervals. At the same time, I generate a lot of SIGHUP signals.
>
> I presume you were only sending the signals to the main process.  Right?
>

Correct.


> > At least one connection fails every time.
> >
> > 30 2016-02-10 12:07:14.305001 0.000014 142.168.66.111 142.168.148.114 TCP 66 4443→56572 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=128
> > 31 2016-02-10 12:07:14.312908 0.007907 142.168.148.114 142.168.66.111 TCP 60 56572→4443 [ACK] Seq=1 Ack=1 Win=66560 Len=0
> > 32 2016-02-10 12:07:14.312918 0.000010 142.168.66.111 142.168.148.114 TCP 54 4443→56572 [RST] Seq=1 Win=0 Len=0
>
> So it sends RST 0.01ms after it received the final ACK of the TCP
> handshake.  My theory is that it is caused by the listening socket
> being momentarily closed in the middle of the TCP handshake, i.e.,
> before the kernel informs the userspace (stunnel in this case) about
> the newly established TCP connection.
>

I think you are right.

I thought the TCP connection was established during the call to accept().
Because of this I concentrated my research around that call and I simply
could not understand why none of the traces put around it were triggered.

Well, that's because the situation is happening when the program loops
somewhere else, most likely in daemon_loop. For instance, after receiving a
signal or after accepting one connection. Because the socket is still
listening, the OS lets a new TCP connection come in. If a SIGHUP signal is
about to be pulled from signal_pipe, it is entirely possible the socket
gets closed right after the new TCP connection is established and before it
can be accept()ed by the program. The socket is closed without checking if
there are pending connections. And so there can't be any indication of that
in the log.

Note I am not making any claim that situation could or should be detected.
I was mostly interested in understanding.

Thanks for your input!


-- 
Philippe Anctil
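
The sequence discussed in this message, reproduced on loopback as an added example (not part of the thread and not stunnel's code): a client's connect() succeeds before the server ever calls accept(), and closing the listener at that point resets the connection without the server process having seen it. `client_sees_reset` is a hypothetical helper, and the reset on close is assumed Linux behaviour.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Added illustration, not stunnel code (loopback only, Linux behaviour assumed).
 * Hypothetical helper: returns 1 if the client got ECONNRESET, 0 if it received
 * the server's byte, -1 otherwise (setup failure or timeout). */
int client_sees_reset(int accept_before_close)
{
    struct sockaddr_in addr = { .sin_family = AF_INET }; /* port 0: kernel picks */
    struct timeval tv = { 2, 0 };           /* receive timeout so we never hang */
    socklen_t len = sizeof addr;
    char byte = 0;
    ssize_t n;
    int conn = -1, result = -1;
    int lfd = socket(AF_INET, SOCK_STREAM, 0), cfd = socket(AF_INET, SOCK_STREAM, 0);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    /* connect() returns once the kernel finished the handshake; no accept() yet */
    if (lfd < 0 || cfd < 0 ||
        bind(lfd, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        listen(lfd, 16) < 0 ||
        getsockname(lfd, (struct sockaddr *)&addr, &len) < 0 ||
        connect(cfd, (struct sockaddr *)&addr, sizeof addr) < 0)
        goto out;
    setsockopt(cfd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    if (accept_before_close) {              /* take the pending connection first */
        conn = accept(lfd, NULL, NULL);
        if (conn < 0 || send(conn, "x", 1, 0) != 1)
            goto out;
    }
    close(lfd);                             /* listener closed, as on a reload */
    lfd = -1;
    n = recv(cfd, &byte, 1, 0);
    result = n == 1 ? 0 : (n < 0 && errno == ECONNRESET) ? 1 : -1;
out:
    if (conn >= 0) close(conn);
    if (lfd >= 0) close(lfd);
    if (cfd >= 0) close(cfd);
    return result;
}

int main(void)
{
    printf("no accept: %d, accept first: %d\n", client_sees_reset(0), client_sees_reset(1));
    return 0;
}
```

In the first case the server side never holds a descriptor for the connection, which matches the observation that no trace around accept() fires and nothing reaches the log.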