s6-tlsd immediately sending EOF during TLS handshake

From: ilaia <quote.laia_at_protonmail.com>
Date: Tue, 11 Feb 2020 23:10:22 +0000

Note: I'm running the current stable releases of skalibs and s6-*. It's
all statically linked, against musl, if that might be relevant.

To give an example minimal usage, running

$(which export) CERTFILE /etc/letsencrypt/live/$REDACTED/fullchain.pem \
$(which export) KEYFILE /etc/letsencrypt/live/$REDACTED/privkey.pem \
s6-tlsserver -v -- 0.0.0.0 443 exit 0

on the server, and

CADIR=/etc/ssl/certs s6-tlsclient $REDACTED 443 s6-ioconnect

on the client, the client reports

> s6-tlsc: fatal: unable to perform SSL handshake: handshake failed:
unexpected EOF

and the server reports

> s6-tcpserver4d: info: starting
> s6-tcpserver4d: info: status: 0/40!
> s6-tcpserver4d: info: allow [redacted]:42623 pid 29407 count 1/40
> s6-tcpserver4d: info: status: 1/40
> s6-tcpserver4d: info: end pid 29407 ip [redacted] signal 11
> s6-tcpserver4d: info: status: 0/40

Far as I can tell this is undocumented behavior (hell, exiting 11 isn't
even in the s6-tlsd source!), so I believe I have run into a Mysterious
Bug. (Of course, there is always that distinct possibility I just, don't
know what I'm doing...)

If providing sysdeps might be useful:

clockrt: yes
clockmon: yes
clockboot: yes
posixspawn: yes
timer: yes
endianness: little
sizeofushort: 2
sizeofuint: 4
sizeofulong: 8
signedsize: no
sizeofsize: 8
signeduid: no
sizeofuid: 4
signedgid: no
sizeofgid: 4
signedpid: yes
sizeofpid: 4
signedtime: yes
sizeoftime: 8
signeddev: no
sizeofdev: 8
signedino: no
sizeofino: 8
accept4: yes
cmsgcloexec: yes
dirfd: yes
eventfd: yes
flock: yes
getrandom: yes
getpeereid: no
sopeercred: yes
getpeerucred: no
ipv6: yes
msgdontwait: yes
odirectory: yes
openat: yes
linkat: yes
memmem: yes
pipe2: yes
ppoll: yes
revoke: no
sendfile: yes
setgroups: yes
settimeofday: yes
signalfd: yes
splice: yes
strcasestr: yes
strnlen: yes
uint64t: yes
futimens: yes
futimes: yes
arc4random: no
arc4random_addrandom: no
itimer: yes
namespaces: yes
nsgetparent: yes
explicit_bzero: yes
devurandom: yes
Received on Tue Feb 11 2020 - 23:10:22 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:38:49 UTC