I am trying to diagnose a (possibly obscure) problem in relayd from OpenBSD
6.6. Problem summary:
Requests for a particular URL from a particular iOS app fail with a "HTTP load
failing due to
strict content length" error, where they did not fail when using httpd only
without relayd.
Situation: I have set up relayd in front of httpd on my web server. relayd
handles the TLS server
endpoint and forwards requests to httpd using plain HTTP on localhost port 81.
Here is the relayd
configuration:
table <web_host> { 127.0.0.1 }
http protocol "https" {
tls keypair akltrains.hewgill.com
tls keypair hewgill.com
# more keypairs...
}
relay proxy {
listen on 46.23.92.122 port 443 tls
protocol "https"
forward to <web_host> port 81
}
Here is the relevant part of httpd.conf:
server "akltrains.hewgill.com" {
listen on 127.0.0.1 port 81
root "/htdocs/akltrains.hewgill.com"
}
I have an iOS app (https://hewgill.com/akltrains) which makes a HEAD and GET
request to
https://akltrains.hewgill.com/gtfs.lson (yes, ".lson" suffix). When running the
app under the iOS
simulator on my desktop, the requests succeed. When running on an actual iOS
device, the GET
request fails with:
HTTP load failing due to strict content length - expected: 1090398, received:
1063936, received
(uncompressed): 0
The received size is different each time it is run. Inspecting the data
transfer between httpd and
relayd using tcpdump, I see that the whole file is in fact being sent to
relayd. So I conclude that
somehow, on the relayd side, some part of the file (presumably the tail end) is
not being
transmitted to the client.
I have tried:
- fetching the file with wget on my desktop => no problem
- fetching the file with wget inside iSH (https://ish.app) on iOS => no problem
- using "no splice" tcp option in relayd.conf => no change
Apple requires that URL requests from iOS apps use TLS, so I can't test this
with plain HTTP
through relayd.
What's the next step in diagnosing or fixing this? I can make changes and
recompile relayd and/or
my iOS app as necessary.
