Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS handshakes counter error #2250

Open
const-t opened this issue Sep 20, 2024 · 0 comments
Open

TLS handshakes counter error #2250

const-t opened this issue Sep 20, 2024 · 0 comments
Labels
bug good to start Start form this tasks if you're new in Tempesta FW low priority
Milestone
0.9 - LA

Comments

@const-t
Copy link
Contributor

const-t commented Sep 20, 2024

It seems there is an error in handshakes counter logic, I do only one request, Tempesta receives only one request, but incremented "successful" and "fail" counters, however expected to be incremented only "successful" counter.

cat /proc/tempesta/perfstat output:

Minimal response time		: 0ms
Average response time		: 0ms
Median  response time		: 0ms
Maximum response time		: 0ms
Percentiles
50%:	0ms
75%:	0ms
90%:	0ms
95%:	0ms
99%:	0ms
SS work queue full			: 0
SS work queues' sizes			: 0 0 0 0 0 0
SS backlog's sizes			: 0 0 0 0 0 0
Cache hits				: 0
Cache misses				: 1
Client messages received		: 1
Client messages forwarded		: 1
Client messages served from cache	: 0
Client messages parsing errors		: 0
Client messages filtered out		: 0
Client messages other errors		: 0
Clients online				: 0
Client connection attempts		: 1
Client established connections		: 1
Client connections active		: 0
Client RX bytes				: 29
Server messages received		: 1
Server messages forwarded		: 1
Server messages parsing errors		: 0
Server messages filtered out		: 0
Server messages other errors		: 0
Server connection attempts		: 128
Server established connections		: 128
Server connections active		: 128
Server connections schedulable		: 128
Server RX bytes				: 959
Server successful TLS handshakes	: 1
Server failed TLS handshakes		: 1 <-- ERROR: Why we have failed?

curl -vk https://ubuntu output:

*   Trying 127.0.0.1:443...
* Connected to ubuntu (127.0.0.1) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=Washington; L=Seattle; O=Tempesta Technologies Inc.; OU=Testing; CN=tempesta-tech.com; [email protected]
*  start date: Sep 10 14:15:59 2023 GMT
*  expire date: Sep 10 14:15:59 2024 GMT
*  issuer: C=US; ST=Washington; L=Seattle; O=Tempesta Technologies Inc.; OU=Testing; CN=tempesta-tech.com; [email protected]
*  SSL certificate verify result: self-signed certificate (18), continuing anyway.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: ubuntu]
* h2h3 [user-agent: curl/7.85.0-DEV]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x5594c8802160)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/2
> Host: ubuntu
> user-agent: curl/7.85.0-DEV
> accept: */*
@const-t const-t added this to the 0.9 - LA milestone Sep 20, 2024
@const-t const-t added bug good to start Start form this tasks if you're new in Tempesta FW labels Sep 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good to start Start form this tasks if you're new in Tempesta FW low priority
Projects
None yet
Milestone
0.9 - LA
Development

No branches or pull requests
2 participants
@krizhanovsky @const-t