[stunnel-users] Effect of SIGHUP on connections
philippe.anctil at gmail.com
Fri Feb 12 23:39:37 CET 2016
2016-02-12 11:52 GMT-05:00 Michal Trojnara <Michal.Trojnara at stunnel.org>:
> On 11.02.2016 21:10, Philippe Anctil wrote:
> > My test is simple. I try to establish 10 connections at 1 second
> > interval. At the same time, I generate a lot of sighup signals.
> I presume you were only sending the signals to the main process. Right?
> > At least one connection fails every time.
> > 30 2016-02-10 12:07:14.305001 0.000014 188.8.131.52 184.108.40.206 TCP 66 4443→56572 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=128
> > 31 2016-02-10 12:07:14.312908 0.007907 220.127.116.11 18.104.22.168 TCP 60 56572→4443 [ACK] Seq=1 Ack=1 Win=66560 Len=0
> > 32 2016-02-10 12:07:14.312918 0.000010 22.214.171.124 126.96.36.199 TCP 54 4443→56572 [RST] Seq=1 Win=0 Len=0
> So it sends RST 0.01ms after it received the final ACK of the TCP
> handshake. My theory is that it is caused by the listening socket
> being momentarily closed in the middle of the TCP handshake, i.e.,
> before the kernel informs the userspace (stunnel in this case) about
> the newly established TCP connection.
I think you are right.
I thought the TCP connection was established during the call to accept().
Because of this I concentrated my research around that call and I simply
could not understand why none of the traces put around it were triggered.
Well, that's because the situation is happening when the program loops
somewhere else, most likely in daemon_loop. For instance, after receiving a
signal or after accepting one connection. Because the socket is still
listening, the OS lets a new TCP connection come in. If a SIGHUP signal is
about to be pulled from signal_pipe, it is entirely possible the socket
gets closed right after the new TCP connection is established and before it
can be accept()ed by the program. The socket is closed without checking if
there are pending connections. And so there can't be any indication of that
in the log.
Note I am not making any claim that situation could or should be detected.
I was mostly interested in understanding.
Thanks for your input!
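
The race discussed in this message can be reproduced on loopback without stunnel. The sketch below is an added example, not stunnel code and not part of the original post; the function name `reload_race`, the loopback endpoint and the 0.2 s drain timeout are assumptions, and the "reset" outcome is the behaviour on Linux.

```python
import socket

def reload_race(drain_before_close: bool) -> str:
    """Report what a client sees when the listener closes after its handshake."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # constructed endpoint: loopback, ephemeral port
    listener.listen(8)
    # connect() returns once the kernel has completed the three-way handshake;
    # the server process has not called accept() yet.
    client = socket.create_connection(listener.getsockname(), timeout=2)
    accepted = []
    if drain_before_close:
        listener.settimeout(0.2)         # short wait so a just-completed handshake is seen
        try:
            while True:
                accepted.append(listener.accept()[0])
        except socket.timeout:
            pass                         # accept queue is empty
    listener.close()                     # what a reload does to the old listening socket
    try:
        for conn in accepted:
            conn.sendall(b"ok")
        data = client.recv(16)
        return "served" if data == b"ok" else "closed"
    except ConnectionResetError:
        return "reset"                   # kernel reset the never-accepted connection
    finally:
        client.close()
        for conn in accepted:
            conn.close()

if __name__ == "__main__":
    print("close without draining:", reload_race(False))
    print("drain, then close:     ", reload_race(True))
```

Draining narrows the window but does not close it: a handshake can still complete between the last accept() and close().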