El jue., 16 may. 2019 a las 19:33, David Lang (<[email protected]>) escribió: > > On Thu, 16 May 2019, Rainer Gerhards wrote: > > >> I believe that the right thing to do is to abort the connection, but it > >> seems > >> that rsyslog is dieing instead of just failing the connection (in this > >> case, it > >> seems to be an inbound connection) > >> > >> I walked into this by seeing a discussion of how to restart rsyslog when > >> it dies > >> from this. > > > > Do you have any idea of how to reproduce this? If so, could you create > > a debug log and valgrind run? > > This is still my first week here, and I don't know what I have access to do > duplicate this, but I believe that you can replicate this by sending a badly > enough malformed TLS handshake to the listening socket. I don't know exactly > what aspect of the handshake needs to be corrupted. > > > I still very much suggest to move to openssl - it really helps us > > generate much better error messages in case of a problem. > > That's what I am recommending. > > > Would still like to see this solved for gnutls. I think I tested inside the > > testbench and we never came to any result. What, btw, was a second driving > > force behind implementing openssl... > > I agree, but the testbench doesn't send malformed messages/handshakes, and > that's what's needed here.
If you have an idea of how to do that, I am all ears ;-) Rainer _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
