-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSSL QUIC client goes into DRAINING unexpectedly #23285
Comments
- opened openssl/openssl#23285 on OpenSSL for connection draining issue - shortened pytest nghttpx live check --connect-timeout since our unconnected socket does not fail otherwise
Do you see anything on the OpenSSL error stack when that happens?
Any chance you might be able to get a stack trace at that point when this happens? |
Sure:
|
It claims to encounter |
Yeah, that means the peer closed the connection for some reason. |
nghttp3 closes the connection with error |
Are you calling SSL_free on an essential stream causing it to be ended? |
For being double certain, I commented out my |
Concluding the HTTP/3 control stream would be a problem. There is an HTTP/3 demo here: https://github.com/openssl/openssl/tree/master/demos/http3 |
Stream resets get encoded here: Lines 2427 to 2466 in dbe66cd
A stream is marked with FIN (concluded) here: Lines 178 to 192 in dbe66cd
|
Talking to google.com gives a reason string:
|
You are sending STOP_SENDING on the HTTP/3 control stream. This is illegal. This will happen automatically if you call SSL_free on the control stream. Do not do this. |
Hmm, but @icing says all |
If it helps to track down where this occurs, the stop sending gets scheduled here: openssl/ssl/quic/quic_stream_map.c Line 726 in d4d9b57
|
Thanks to you all, I start to see some light here. I did not set the incoming stream policy, which seems to lead to auto-rejection of the control streams the server wants to open. Working on it.... |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Description
Working on integrating OpenSSL 3.2 QUIC API into the curl project, I encounter an error with a >60% likelihood where the QUIC connection goes into
DRAINING
state. This happens just after sending off the first request.I traced down the channel state change to
quic_channel.c#3022: ch_start_terminating()
being called withoutreason
string andcause->error_code == 260
.OS: macOS 14.2.1
Server: same behaviour with local nghttpx or Fastly CDN on curl.se
Caveat: I use an unconnected socket in a dgram BIO, because of #23251.
Expectation
OpenSSL QUIC should be able to keep the connection going for many requests, as ngtcp2 and quiche do in the same network/server environment.
The text was updated successfully, but these errors were encountered: