Issues with TLS under write load
mporsch opened this issue · comments
See test failure in MSVC [1] and test failure in OSX [2].
12: Test command: D:\a\sockpuppet\sockpuppet\build\Debug\sockpuppet_tls_buffered_test.exe
12: Working Directory: D:/a/sockpuppet/sockpuppet/build
12: Test timeout computed to be: 10000000
12: generating random reference data
12: test case #1: unlimited send timeout
12: server listening at [::1]:8554
12: client [::1]:61089 connected to server [::1]:8554
12: sending reference data from [::1]:61089 to [::1]:8554
12: verifying received against reference data
12: test case #2: limited send timeout
12: server listening at [::1]:8554
12: client [::1]:61092 connected to server [::1]:8554
12: sending reference data from [::1]:61092 to [::1]:8554
12: failed to wait for TLS socket readable/writable: 6956:error:1409E10F:SSL routines:ssl3_write_bytes:bad length:ssl\record\rec_layer_s3.c:377:
12:
12: verifying received against reference data
12: received only 8166 of 1000000 bytes
12: test case #3: non-blocking send
12: server listening at [::1]:8554
12: client [::1]:61093 connected to server [::1]:8554
12: sending reference data from [::1]:61093 to [::1]:8554
12: failed to wait for TLS socket readable/writable: 4156:error:1409E10F:SSL routines:ssl3_write_bytes:bad length:ssl\record\rec_layer_s3.c:377:
12:
12: verifying received against reference data
12: received only 9602 of 1000000 bytes
12/14 Test #12: sockpuppet_tls_buffered_test ............***Failed 5.00 sec
14/14 Test #14: sockpuppet_tls_async_performance_test ...Subprocess aborted***Exception: 62.37 sec
generating random reference data
server listening at [::1]:8554
client [::1]:49191 connected to server
client [::1]:49191 connecting to server
sending reference data from [::1]:49191 to [::1]:8554
client [::1]:49192 connecting to server
sending reference data from [::1]:49192 to [::1]:8554
client [::1]:49193 connecting to server
sending reference data from [::1]:49193 to [::1]:8554
client [::1]:49192 connected to server
client [::1]:49193 connected to server
verifying received against reference data
client [::1]:49191 closing connection to server
client [::1]:49191 closed connection to server
verifying received against reference data
client [::1]:49192 closing connection to server
client [::1]:49192 closed connection to server
clients did not receive echoed reference data on time
Assertion failed: (i < handshakeStepsMax), function Shutdown, file socket_tls_impl.cpp, line 240.
client [::1]:49193 closed connection to server
12/14 Test #12: sockpuppet_tls_buffered_test ............***Failed 3.57 sec
generating random reference data
test case #1: unlimited send timeout
server listening at [::1]:8554
client [::1]:49184 connected to server [::1]:8554
sending reference data from [::1]:49184 to [::1]:8554
verifying received against reference data
test case #2: limited send timeout
server listening at [::1]:8554
client [::1]:49185 connected to server [::1]:8554
sending reference data from [::1]:49185 to [::1]:8554
failed to wait for TLS socket readable/writable: 0050E80300700000:error:0A00010F:SSL routines:ssl3_write_bytes:bad length:ssl/record/rec_layer_s3.c:370:
verifying received against reference data
received only 661894 of 1000000 bytes
test case #3: non-blocking send
server listening at [::1]:8554
client [::1]:49186 connected to server [::1]:8554
sending reference data from [::1]:49186 to [::1]:8554
failed to wait for TLS socket readable/writable: 0050E80300700000:error:0A00010F:SSL routines:ssl3_write_bytes:bad length:ssl/record/rec_layer_s3.c:370:
verifying received against reference data
received only 661062 of 1000000 bytes
More insights in verbose test failure in MSVC [1] and verbose test failure in OSX.
2023-07-23T10:28:33.5840040Z Start 12: sockpuppet_tls_buffered_test
2023-07-23T10:28:37.1898040Z 12/14 Test #12: sockpuppet_tls_buffered_test ............***Failed 3.61 sec
...
2023-07-23T10:28:37.2056520Z 0x600000a38270 SSL_write(0x7f9e2f0c0d46) -> OK
2023-07-23T10:28:37.2056900Z 0x600000a38270 SSL_write(0x7f9e2f0c2946) -> 3 (init finished)
...
2023-07-23T10:28:37.2105260Z 0x600000a38270 SSL_write(0x7f9e2f0c2946) -> OK
...
2023-07-23T10:28:37.2362380Z 0x600000a382a0 SSL_write(0x7f9e2f0c66d5) -> 3 (init finished)
...
2023-07-23T10:28:37.2366770Z 0x600000a382a0 SSL_write(0x7f9e2f0c66d5) -> 1
...
2023-07-23T10:28:37.2367240Z 0x600000a382a0 SSL_shutdown -> 1
...
2023-07-23T10:28:37.2367770Z failed to wait for TLS socket readable/writable: 0010C80000700000:error:0A00010F:SSL routines:ssl3_write_bytes:bad length:ssl/record/rec_layer_s3.c:370:
SSL_ERROR_SSL (-> 1) failures occur after hitting SSL_ERROR_WANT_WRITE ( -> 3) from SSL_write even though the passed write buffer seems to the the same. Maybe the socket is still not writable (enough)?
After figuring out that the github actions used the host system's OpenSSL all the time, I got it to work with the self-build LibreSSL, which fails much less often.
Yet still: Test failure in OSX [1] and Test failure in MSVC [2]
[1]
11/14 Test #11: sockpuppet_tls_test .....................***Failed 2.18 sec
server listening at [::1]:8554
client client [::1]:49186client connected to server [::1]:49187 connected to server [::1]:8554[::1]:8554
0x600000afc3900x600000af4090 SSL_read -> SSL_read -> 2
[::1]:49188 connected to server [::1]:8554
0x600000af81b0 SSL_read -> 2
2
0x600000af4090 SSL_read -> 2
0x600000afc390 SSL_read -> 2
0x600000af81b0 SSL_read -> 2
0x600000afc6600x600000afc5d0 SSL_read -> SSL_read -> 22
0x600000afc540 SSL_read -> 2
0x600000af4090 SSL_read -> 2
0x600000afc390 SSL_read -> 2
0x600000af81b0 SSL_read -> 2
server sending to client [::1]:49188
server sending to client 0x600000afc5d0 SSL_read -> [::1]:49186
0x600000afc660 SSL_write(0x10b3cfe30) -> 23
0x600000afc540 SSL_write(0x10b3cfe30) -> 3
server sending to client [::1]:49187
0x600000afc660 SSL_write(0x10b3cfe30) -> OK
0x600000afc540 SSL_write(0x10b3cfe30) -> OK
0x600000afc540 SSL_shutdown -> 2
0x600000afc660 SSL_shutdown -> 2
0x600000af81b0 SSL_read -> OK
0x600000af4090 SSL_read -> OK
client [::1]:49188 received from server
client [::1]:49186 received from server
0x600000af81b0 SSL_read -> 0x600000af4090 SSL_read -> TLS connection closed
TLS connection closed
0x600000afc540 SSL_shutdown -> OK
0x600000afc660 SSL_shutdown -> OK
0x600000afc390 SSL_shutdown -> 2
0x600000afc5d0 SSL_write(0x10b3cfe30) -> OK
0x600000afc5d0 SSL_shutdown -> OK
0x600000afc390 SSL_shutdown -> 0x600000afc390 SSL_shutdown -> OK
client failed to receive
[2]
Start 11: sockpuppet_tls_test
11: Test command: D:\a\sockpuppet\sockpuppet\build\Release\sockpuppet_tls_test.exe
11: Working Directory: D:/a/sockpuppet/sockpuppet/build
11: Test timeout computed to be: 10000000
11: server listening at [::1]:8554
11: client [::1]:60183 connected to server [::1]:8554
11: client [::1]:60184 connected to server [::1]:8554
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780CD10 SSL_read -> 2
11: client [::1]:60185 connected to server [::1]:8554
11: 000002E9C780C550 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780CD10 SSL_read -> 2
11: 000002E9C780CD10 SSL_read -> 2
11: 000002E9C780CD10 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780CD10 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780C550 SSL_read -> 2
11: 000002E9C780C550 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780D110 SSL_read -> 2
11: 000002E9C780C650 SSL_read -> 2
11: server sending to client [::1]:60183
11: 000002E9C780C810 SSL_read -> 2
11: server sending to client [::1]:60184
11: 000002E9C780C810 SSL_write(00007FF738D9445C) -> 2
000002E9C780CD10 SSL_read -> 2
000002E9C780C810 SSL_write(00007FF738D9445C) -> 3
000002E9C780C810 SSL_write(00007FF738D9445C) -> OK
000002E9C780CD10 SSL_read -> OK
client [::1]:60184 received from server
000002E9C780C810 SSL_shutdown -> 2
000002E9C780CD10 SSL_read -> TLS connection closed
000002E9C780C810 SSL_shutdown -> OK
000002E9C780CBD0 SSL_read -> 2
server sending to client [::1]:60185
000002E9C780CBD0 SSL_write(00007FF738D9445C) -> 2
000002E9C780C550 SSL_read -> 2
000002E9C780CBD0 SSL_write(00007FF738D9445C) -> 3
000002E9C780CBD0 SSL_write(00007FF738D9445C) -> OK
000002E9C780CBD0 SSL_shutdown -> 2
000002E9C780C550 SSL_read -> OK
client [::1]:60185 received from server
000002E9C780C550 SSL_read -> TLS connection closed
000002E9C780CBD0 SSL_shutdown -> OK
000002E9C780D110 SSL_shutdown -> 2
000002E9C780C650 SSL_write(00007FF738D9445C) -> OK
000002E9C780D110 SSL_shutdown -> 000002E9C780D110 SSL_shutdown -> 2
000002E9C780C650 SSL_shutdown -> OK
000002E9C780D110 SSL_shutdown -> OK
client failed to receive
The issue
clients did not receive echoed reference data on time
Assertion failed: (i < handshakeStepsMax), function Shutdown, file socket_tls_impl.cpp, line 262.
seen in OSX remains unsolved by #4 and will be tracked in #5.
Also generally, OpenSSL remains a big stretch on the general library interface (e.g. non-zero receive).