You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The client ends HTTP TLS session with RST, instead of TCP FIN/FIN/ACK.
First, let me say that I'm not sure this a problem with caddy. I reproduce the problem using curl 8.9.0 and GNU Wget 1.24.5 as clients, against caddy v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk= as the server. I don't see the problem against nginx/1.27.0 as the server. The host is an M1 MacOS arm64.
To reproduce
Use the following Caddyfile, to start caddy container
Install tools into the container and start tcpdump
docker exec -it caddy sh -c "apk add procps vim curl iproute2 tcpdump wireshark-common tshark wget"
docker exec -it caddy sh -c "tcpdump -i lo -w /srv/test.pcap '(tcp or udp) and port 443'"
In other terminal, make HTTPS request, and afterwards stop the tcpdump with ctrl+c
docker exec -it caddy sh -c "curl -vI --http1.1 https://localhost"
The client ends HTTP TLS session with RST, instead of TCP FIN/FIN/ACK.
First, let me say that I'm not sure this a problem with caddy. I reproduce the problem using curl 8.9.0 and GNU Wget 1.24.5 as clients, against caddy v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk= as the server. I don't see the problem against nginx/1.27.0 as the server. The host is an M1 MacOS arm64.
To reproduce
Result
Here is the packet sequence from caddy as the server, read with
docker exec -it caddy sh -c "tshark -r test.pcapng"
Note that last RST packet
Here is the corresponding packet sequence from nginx as the server.
The problem with ending RST is also present for HTTP2.
The pcapng files are attached.
Contain RST, curl/wget request to caddy
http2.pcapng.gz
http1.1.pcapng.gz
http1.1wget.pcapng.gz
Without RST, curl request to nginx
http1.1nginx.pcapng.gz
The text was updated successfully, but these errors were encountered: