Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-2986

Adding stats to TLS errors

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 5.1.0
    • SSL
    • None

    Description

      Currently we are seeing lots of following errors in our logs, esp. :

      ERROR: SSL::47359264352000:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1275:SSL alert number 10

      and

      Aug  2 21:08:10 lva1-app9963 traffic_server[28078]: {0x2b12b0c18700} ERROR: SSL::47359274878720:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1275:SSL alert number 42

      I think it's better to replace those with debug message and counter. Also not logging stuff in ssl_read_from_net can remove some DDoS vectors.

      briang will take a look into it.

      Attachments

        Issue Links

          contains

          Bug - A problem which impairs or prevents the functions of the product. TS-2653 SSL Error message cleanup

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              briang Brian Geffon
              SaveTheRbtz Alexey Ivanov
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: