Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-24614

TCP RST packets caused by additional packets sent by Zabbix server after TCP FIN when using TLS

XMLWordPrintable

    • S24-W44/45
    • 1

      Steps to reproduce:

      1. configure 6.4.15 Server and Agents with TLS

      Result:
      Network dump gives the following communication between the Zabbix server and a passive agent using TLS with a PSK:

      Agent host dump
      Server -> Client: hello SYN
      Client -> Server: SYN, ACK
      Server -> Client: ACK seq=1
      Server -> Client: Client Hello
      Client -> Server: ACK
      Client -> Server: Server Hello, Change Cypher Spec, Application Data
      Server -> Client: ACK
      Server -> Client: Change Cypher Spec, Application Data
      Client -> Server: Application Data
      Server -> Client: Application Data
      Client -> Server: Application Data
      Client -> Server: FIN, ACK
      == From here we get RST twice. The client has already closed the socket (app or OS)
      == Why is the server still sending data, although the client has send FIN?
      * Server -> Client: Application Data
      * Client -> Server: RST
      * Server -> Client: FIN/ACK
      * Client -> Server: RST

      This indicates that the server continues to send data to the agent, even though the socket has already been closed by the agent at that time.

      Expected:
      Do not send data on a closed connection.

        1. zabbix_agent2.log
          52 kB
        2. zabbix_agent2.conf
          17 kB
        3. screenshot-1.png
          screenshot-1.png
          65 kB
        4. openssl_quiet_shutdown_6.4.diff
          1.0 kB

            vso Vladislavs Sokurenko
            edgar.akhmetshin Edgar Akhmetshin
            Team B
            Votes:
            1 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: