On 17/11/2020 13:56, Michael Wojcik wrote:
>> From: Kyle Hamilton
>> Sent: Tuesday, 17 November, 2020 02:37
>> On Fri, Nov 13, 2020 at 11:51 AM Michael Wojcik
>> wrote:
>>>
From: Brice André
Sent: Friday, 13 November, 2020 09:13
>>>
"Does the server parent process close its
> From: Kyle Hamilton
> Sent: Tuesday, 17 November, 2020 02:37
> On Fri, Nov 13, 2020 at 11:51 AM Michael Wojcik
> wrote:
> >
> > > From: Brice André
> > > Sent: Friday, 13 November, 2020 09:13
> >
> > > "Does the server parent process close its copy of the conversation
> > > socket?"
> > > I
There's another reason why you'll want to close your socket with
SSL_close(): SSL (and TLS) view a prematurely-closed stream as an
exceptional condition to be reported to the application. This is to
prevent truncation attacks against the data communication layer.
While your application may not
(Top posting to match what Mr. André does):
TCP without keepalive will time out the connection a few minutes after
sending any data that doesn't get a response.
TCP without keepalive with no outstanding send (so only a blocking
recv) and nothing outstanding at the other end will probably hang
Hello Michael,
Thanks for all those information.
I corrected your suggested point (close parent process sockets). I also
activated keepalive, with values adapted to my application.
I hope this will solve my issue, but as the problem may take several weeks
to occur, I will not know immediately
> From: Brice André
> Sent: Friday, 13 November, 2020 09:13
> "Does the server parent process close its copy of the conversation socket?"
> I checked in my code, but it seems that no. Is it needed?
You'll want to do it, for a few reasons:
- You'll be leaking descriptors in the server, and
Hello,
And many thanks for the answer.
"Does the server parent process close its copy of the conversation socket?"
: I checked in my code, but it seems that no. Is it needed ? May it
explain my problem ?
" Do you have keepalives enabled?" To be honest, I did not know it was
possible to not
> From: openssl-users On Behalf Of Brice
> André
> Sent: Friday, 13 November, 2020 05:06
> ... it seems that in some rare execution cases, the server performs a
> SSL_read,
> the client disconnects in the meantime, and the server never detects the
> disconnection and remains stuck in the