Hi, On Thu, Aug 17, 2023 at 01:01:01PM -1000, Romain Tartière wrote: > [ Reason ] > Due to improper return value checks, when communicating with a remote > server over TLS riemann-c-client sometimes send the same data fragment > multiple times, resulting in the server receiving a malformed payload. > > This happen with all versions of TLS, but TLS 1.3 trigger this bad > behaviour more often. With more and more services using TLS 1.3, this > problem is more and more prevalent. > > [ Impact ] > When the client send a large payload over TLS faster than the network > can send it, the improper return value checks cause portions of that > data to be send multiple times to the server. When the transfer > eventually finish, the server detect that the payload is invalid and > drop the connection. The client will then reconnect and retry the > transfer that might fail again and again. > > Beside error messages in the server logs, these data corrupt data > transfer cause an unexpectedly hight bandwidth usage.
This request was approved but not uploaded in time for the previous point release (12.5). Should it be included in 12.6, or should this request be abandoned and closed? Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
