On 19.10.20 11:51, Stefan Seyfried wrote:
[sorry, first mail was only sent as personal reply :-(]
Hi Sebastian,
On 19.10.20 11:45, Sebastian Parschauer wrote:
IMHO an SSL stability initiative is required - even independent of vendors. If anybody else noticed slow browser tabs, slow https file downloads, slow email downloads, or plain hanging, then I'd be glad to team up to join forces against SSL network state machine violations. I have read your message but not understood a single word.
Would it be possible to describe your problems, preferably in bugreports, so that mere mortals are able to understand what you are trying to tell?
To say it in simple words: SSL can lead to hanging forever if 1) A connection is tried to be reestablished although the old one is still open. The server will react with connection reset for the new connection. The client will repeat its client hello and wait for the server hello which will never be received. 2) A connection is tried to be established which is directly closed by previous connection handling in the client again. The new connection can never be established (duplicate SSL_shutdown() calls - first one closes old connection, second one closes new connection about to be established). One of these variants is hitting me with Firefox, Chromium, and Thunderbird as well now. I don't have the time right now to debug this all by myself to the code part that causes the issues. Firefox is coming with an own SSL library. From previous bug handling I know that I would be on my own as nobody sees priority in this. If you would tcpdump those tools on your side, then you would also see port 443 RSTs for sure which indicate that something is wrong with SSL handling. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org