On 19.10.20 12:25, Mathias Homann wrote:
Am Montag, 19. Oktober 2020, 11:45:51 CEST schrieb Sebastian Parschauer:
Hi,
steps to reproduce?
Needless to say, on two out of two Leap 15.2 systems here I can not reproduce your issues.
Reproduction of the hanging is pretty impossible if it didn't hit before. If it hit before: An internet connection with stable latency is required (LAN). Then it will hit again and again. SSL can lead to hanging forever if 1) A connection is tried to be reestablished although the old one is still open. The server will react with connection reset for the new connection. The client will repeat its client hello and wait for the server hello which will never be received. 2) A connection is tried to be established which is directly closed by previous connection handling in the client again. The new connection can never be established (duplicate SSL_shutdown() calls - first one closes old connection, second one closes new connection about to be established). osc is type 1. libcurl is type 2. I guess Chromium, Firefox, and Thunderbird are type 2 as well or something else I haven't seen yet. I haven't seen the repeating of the SSL client hello but the port 443 RSTs. Time between "[FIN, ACK]" and "TCP ACKed unseen segment" was 246 ms, "[FIN, ACK]" and "Encrypted Alert" 1.334 ms, "Encrypted Alert" and "[RST, ACK]" 57 ns in the osc bug. All RSTs were gone after the fix. So this can be a matter of nanoseconds. Do you see port 443 RSTs as well in the tcpdump, when using Chromium, Firefox, and Thunderbird? Thanks in advance. Cheers, Sebastian -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org