I am trying to diagnose a (possibly obscure) problem in relayd from OpenBSD 6.6. Problem summary: Requests for a particular URL from a particular iOS app fail with a "HTTP load failing due to strict content length" error, where they did not fail when using httpd only without relayd.
Situation: I have set up relayd in front of httpd on my web server. relayd handles the TLS server endpoint and forwards requests to httpd using plain HTTP on localhost port 81. Here is the relayd configuration: table <web_host> { 127.0.0.1 } http protocol "https" { tls keypair akltrains.hewgill.com tls keypair hewgill.com # more keypairs... } relay proxy { listen on 46.23.92.122 port 443 tls protocol "https" forward to <web_host> port 81 } Here is the relevant part of httpd.conf: server "akltrains.hewgill.com" { listen on 127.0.0.1 port 81 root "/htdocs/akltrains.hewgill.com" } I have an iOS app (https://hewgill.com/akltrains) which makes a HEAD and GET request to https://akltrains.hewgill.com/gtfs.lson (yes, ".lson" suffix). When running the app under the iOS simulator on my desktop, the requests succeed. When running on an actual iOS device, the GET request fails with: HTTP load failing due to strict content length - expected: 1090398, received: 1063936, received (uncompressed): 0 The received size is different each time it is run. Inspecting the data transfer between httpd and relayd using tcpdump, I see that the whole file is in fact being sent to relayd. So I conclude that somehow, on the relayd side, some part of the file (presumably the tail end) is not being transmitted to the client. I have tried: - fetching the file with wget on my desktop => no problem - fetching the file with wget inside iSH (https://ish.app) on iOS => no problem - using "no splice" tcp option in relayd.conf => no change Apple requires that URL requests from iOS apps use TLS, so I can't test this with plain HTTP through relayd. What's the next step in diagnosing or fixing this? I can make changes and recompile relayd and/or my iOS app as necessary.