-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Connection timeout on https streams #1174
Comments
You didn't post the information from the template, please do that in the future. What's your curl -V ? Is this related to #1156? |
@jay I've mentioned the relevant commit. And it doesn't seem so, as I don't use a proxy. |
To be clear, this still occurs on git master. |
Can you please clarify what "this" is? What still occurs in git master? I miss a detailed description of what you're doing and what happens when you do that in comparison to what you expect. |
What I do:
What I expect to happen (and happens before cb4e2be): it connects and starts playing. What happens: an error in libcurl occurs: Operation timed out after 10010 milliseconds with 0 out of 0 bytes received. It is triggered at line 1378 of lib/multi.c (the branch if (timeout_ms <0)... if (k->size != -1). It does not start playing. |
What libcurl options does this use? Which TLS backend is this libcurl using? How can we reproduce this problem - without mpd? |
It uses the openssl backend, it seems. The backtrace (if it is relevant): https://paste.pound-python.org/show/U8PF7y4wi20ol6UkWPpY/ |
Can you tell as a public HTTPS URL that you use when you get the problem? Are you using a proxy? |
https://radio.stew.moe/stream/stream256.opus (though it may rarely be down). I'm not using a proxy. |
I tried it like 20 times in a row. It usually gives back a 404 really fast, and once it did take 16 seconds to connect. I've not managed to get any hints that say that this is a curl problem and not the server's. How frequently do you see the problem? Do you see the problem on all HTTPS URLs you try or just this? Can you change the timeout from 10 seconds to something larger, like 30 and see if that also is reached or if it then is likelier to succeed? |
Ah, it dies several hours ago, again (the error occured when it was alive, to be clear). Will fix that (it's up now) and try with a larger timeout in the meantime. And I see it on both https streams I've found. |
Still getting the timeout even after half |
You meant half a minute, right? So can you invoke |
It didn't fail with the command line client even once for me though (and doesn't after a dozen tries). |
Running hiperfifo from docs/examples exhibits the same behavior, with every HTTPS server I've tried. I get the following output:
and after that curl waits indefinitely (well, at least 15 minutes). If I add
like mpd, then curl aborts the connection after 10 s:
Tested on Debian Jessie (using OpenSSL/1.0.1t and zlib/1.2.8) and Gentoo (using OpenSSL/1.0.2j and zlib/1.2.8). The bug appears to be specific to openssl - the gnutls backend works. I tested using the latest git master, and git bisect points to cb4e2be as the first bad commit. The command-line client works in all cases. |
Hmm, indeed, everything works fine with curl 7.52.1 with gnutls backend. The issue probably lies in the openssl backend. |
Try this very simple patch:
|
Fixed an old leftover use of the USE_SSLEAY define which would make a socket get removed from the applications sockets to monitor when the multi_socket API was used, leading to timeouts. Bug: #1174
The issue's resolved after the commit. Thanks! |
@bagder could you please tag a new stable release? I was 'owned' by the stabilization of 7.52.1 by my distro. This breaks libcurl consumers, like mpd mentioned above, and rtorrent. |
The next release is planned for February 2017. The mistake this commit fixes has been around for many releases. If you want to argue for an earlier release, I'd urge you to take that to the curl-library mailing list. |
@bagder :
That's wrong. The mistake has been introduced with the "SSL proxy" commit cb4e2be . This commit has removed these lines:
... and added these lines:
So this has introduced bugs for: OpenSSL (fixed with a7b38c9), mbed TLS (fixed with 06b1197 ) and PolarSSL (not fixed yet). For people that use one of these TLS backends, that's an important regression in curl 7.52.1. |
Seems correct, yes. I'll bring it back to the working layout and fix PolarSSL. Thanks! |
A regression brought in cb4e2be Reported-by: Michael Kaufmann Bug: #1174 (comment)
curl/curl#1174 Fixes NixOS/nix#1181. (cherry picked from commit 7bc801e)
A regression brought in cb4e2be Reported-by: Michael Kaufmann Bug: curl#1174 (comment)
I'm really glad I found this patch after many hours of debugging my application. Thanks to all people involved in fixing this. |
It's a fix (curl's a7b38c9) for regression in v7.52.0 (curl's cb4e2be). curl/curl#1174 Without this patch apps like rtorrent don't work with HTTPS stuff. (edge commit 2626290)
A regression appeared in cb4e2be, which causes https connections to time out (found out by bisection).
To be precise, since the commit, mpd (0.19.21 as well as earlier versions) often (almost always) fails to play remote https streams due to connection timeouts: see
curl/lib/multi.c
Line 1378 in cb4e2be
This does not occur for http streams.
@MaxKellerman may be interested.
I'm running Gentoo.
The text was updated successfully, but these errors were encountered: