[Libwebsockets] Caching TLS session attempted for apparently invalid wsi

Catalin Raceanu cra at mega.nz
Tue Jun 22 20:55:00 CEST 2021


Hello,


Sometimes LWS logs a lot of

    W: lws_tls_session_tag_from_wsi: wsi has no stash

Debugging it, turns out they come from

    1  lws_tls_session_tag_from_wsi                tls-sessions.c       49
    2  lws_tls_session_new_cb                      openssl-session.c    228
    3  lws_sess_cache_synth_cb                     openssl-session.c    325
    4  lws_ssl_close                               openssl-ssl.c        458
    5  __lws_close_free_wsi_final                  close.c              818
    6  lws_libuv_closewsi                          libuv.c              801

This is from v4.2-stable, commit 7c3c179e.

I suspect it happens when a wsi that did not actually connected anywhere 
is destroyed.

One way to work around that was to change lws_ssl_close() in openssl-ssl.c:
- lws_sess_cache_synth_cb(&wsi->tls.sul_cb_synth);

+        if (wsi->stash)
+ lws_sess_cache_synth_cb(&wsi->tls.sul_cb_synth);

but I'm not sure this is the right solution.

Your feedback would be very helpful.

Thank you,
Catalin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20210622/d66f7c71/attachment.htm>


More information about the Libwebsockets mailing list