Websocket tunnel broken with existing SSL session
Maxim Dounin
mdounin at mdounin.ru
Wed Jan 15 16:15:23 UTC 2014
Hello!
On Wed, Jan 15, 2014 at 12:16:18PM +0000, Eiríkur Nilsson wrote:
> Thanks for the suggestion.
>
> We're not specifying a event method currently, though I can't see if
> eventport was the default. If I explicitly use /dev/poll, and turn
> ssl_session_cache back on, the issue comes back.
>
> I have verified that both the HTTP request and response are proxied
> properly. It seems to me that when the upgrade is finished nginx enters
> direct tunneling mode for the websocket data, which doesn't work for some
> sockets, at least these recovered SSL sessions from iOS clients.
>
> The event method issue would have explained why I can't reproduce the issue
> on mac (with self signed cert). I also haven't reproduced it with an
> Android client, although I did not verify with tcpdump if my android test
> reused the SSL session.
>
> Any other ideas?
It might be helpfull to see debug log and a tcpdump. See also
http://wiki.nginx.org/Debugging for hints.
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list