-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS-enabled server logs spurious errors on TCP connections #2504
Comments
Is there some way we can catch and ignore these? |
Looks like it's time to add another case to the big try/except block here: Lines 1321 to 1353 in 627eafb
This TCP-level healthcheck is supposed to turn into either SSL_ERROR_EOF (if the connection was shut down cleanly) or a
This is because |
@bdarnell I created a simple docker test harness: https://gist.github.com/davidblewett/1d9ad0f09274ad4adf8d7b6c403622ac .
|
This error is possible for some connections that don't follow through with the TLS handshake. Fixes tornadoweb#2504
Thanks for the reproduction script. I don't see any way around it, so I've added "errno 0" to the list of silent errors here in #2518. |
This error is possible for some connections that don't follow through with the TLS handshake. Fixes tornadoweb#2504
We are terminating TLS in Tornado so that we can do client certificate validation. Tornado is then proxied to via an AWS ELB that is doing TCP-level health checks of the service. Because these connections do not complete the handshake, I see a lot of logs like this:
I've tested on Python 3.7 and Python 3.6, Tornado 5.1.
Simple test case:
Then
sleep 0.1 | telnet 127.0.0.1 8888
ornc -vz 127.0.0.1 8888
(btw, thecheck_hostname
is to prevent this traceback; not sure how to setserver_hostname
correctly in this context):The text was updated successfully, but these errors were encountered: