GitHub user zwoop opened an issue:
https://github.com/apache/trafficserver/issues/1421
Segmentation fault on TLS when destination server issues Reset
Creating this issue, copying from the original Jira to capture all the
details.
On HEAD as of 16DEC2016 (102b66b9730780289ef71fa1ee33214cbcbcdde2)
When in Forward proxy mode, connecting to an HTTPS site, where the
destination site responds with TCP RESET, Traffic Server will restart due to
Sig 11: Segmentation fault.
If the upstream site instead silently drops the response, ATS will
successfully proceed with 502 (Tunnel Connection Failed).
No proxy chaining involved, direct: client -> ATS -> destination.
Test machine: Debian Jessie (8.6) x86_64
To replicate, make an HTTPS request - via ATS in forward-proxy-mode - to a
local (non-firewalled) server, with nothing running on TCP/443.
Watch manager.log for near immediate "[LocalManager::pollMgmtProcessServer]
Server Process terminated due to Sig 11: Segmentation fault" followed by
"[Alarms::signalAlarm] Server Process was reset"
The issue was introduced in c1ac5f8bf87fd4bc3a8e06507219970d83965acd TS-4796
No promises - I'll see what I can do.
I've tracked it down to the change to line 508 in iocore/net/UnixNet.cc
https://github.com/apache/trafficserver/commit/c1ac5f8bf87fd4bc3a8e06507219970d83965acd#diff-24ea729d4646e63a76dd276a189da30cR508
This is all from "Craig B" in TS-5098.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---