<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
</head>
<body dir="ltr" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:'Courier New',monospace;">
<p>Hello,<br>
</p>
<p><br>
</p>
<p>May I please have help on this issue? Thanks in advance!<br>
</p>
<p><br>
</p>
<p>I had a stunnel server and client communicating with TLSv1.2 (both of them are stunnel 5.55 and OpenSSL-1.1.1d) on CentOS 7 based Linux (kernel was updated as 4.19.0). The case is that client sends a HTTP request to server, and then server responds a payload
with more than 640KB size. Normally, the server will close the connection by sending an alert firstly.<br>
</p>
<p><br>
</p>
<p>The issue is that sometimes (not 100% reproducible), stunnel client reported: <span style="font-size: 12pt;">"TL</span><span style="font-size: 12pt;">S socket closed (read hangup)". </span><span style="font-size: 12pt;">and then closed the TLS socket. So
I could find an alert sent from client to server firstly from tcpdump. Consequently, this caused the application reported "unexpected end of input" as there should be more data to be received.</span></p>
<p><br>
</p>
<p>I added a few debug logic and I indeed found that: <span style="font-size: 12pt;">there were occurrences that if stunnel client did not close the TLS socket, it could read more data from TLS socket in next poll loop:</span></p>
<p><br>
</p>
<p>--------------------<br>
</p>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: POLLRDHUP: 8192 <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: ioctlsocket: 0 <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: bytes: 0 <== client didn't close the sock in my debug version.<br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: after checking <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: s_poll_wait: return 1 <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: sock_can_rd: n <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: sock_can_wr: Y <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: ssl_can_rd: n </div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: ssl_can_wr: n <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: pending: 1 <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: write to sock 18432 <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: read_wants_read Y </div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: write_wants_writen <br>
</div>
<div>03:59:46 localhost stunnel: LOG6[0]: MingL: read from TLS 10168 <== then I observed the further read from TLS.<br>
</div>
<div><span style="font-family: "Courier New", monospace; font-size: 16px; background-color: rgb(255, 255, 255);">--------------------</span><br>
</div>
<div><span style="font-family: "Courier New", monospace; font-size: 16px; background-color: rgb(255, 255, 255);"><br>
</span></div>
<div><br>
</div>
<div>Any help will be appreciated!<br>
</div>
<div><br>
</div>
<div>Ming<br>
</div>
<p><br>
</p>
</body>
</html>