Skip to content

crypto/tls: Sending multiple messages via tcp4 connection encrypted by TLS1.3 doesn't work #43250

New issue
New issue
Open
Open
crypto/tls: Sending multiple messages via tcp4 connection encrypted by TLS1.3 doesn't work#43250
Labels
NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Backlog
@nixargh

Description

@nixargh
nixargh
opened on Dec 17, 2020

What version of Go are you using (go version)?

$ go version
go version go1.15.6 linux/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/user/.cache/go-build"
GOENV="/home/user/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/user/Documents/repos/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/user/Documents/repos/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build262060463=/tmp/go-build -gno-record-gcc-switches"

What did you do?

My code receives and sends text messages to Haproxy (I've tried 1.8 and 2.2) via TCP connection.
It works w/o encryption and with TLS1.2. But doesn't work with TLS1.3 except when I send only one message per connection.
I undestand that it may be a bug in Haproxy but I haven't found one and also I have another Haproxy and Java programs that do the same job w/o errors. Haproxy config sets minimum encryption level to TLS1.2.

A piece of code that sends multiple messages to TLS connection: https://play.golang.org/p/x5RWpwrcvLh
Full code is here.

What did you expect to see?

I expect Haproxy receive and process those messages.

What did you see instead?

Almost all (~95%) of message finished with CD error that means (from here):

     CD   The client unexpectedly aborted during data transfer. This can be
          caused by a browser crash, by an intermediate equipment between the
          client and haproxy which decided to actively break the connection,
          by network routing issues between the client and haproxy, or by a
          keep-alive session between the server and the client terminated first
          by the client.

Log message example:
Dec 17 19:34:37 haproxy-secure haproxy[7240]: *.*.*.*:33308 [17/Dec/2020:19:34:37.674] test~ test/test 100/1/198 0 CD 2/2/1/0/0 0/0

Metadata

Metadata

Assignees

No one assigned

    Labels

    NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions