• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Spike in SSL handshake failures since iOS9 rollout
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Spike in SSL handshake failures since iOS9 rollout

  • Subject: Re: Spike in SSL handshake failures since iOS9 rollout
  • From: Imran Patel <email@hidden>
  • Date: Wed, 23 Sep 2015 11:22:46 -0700
Hi Quinn,

Thanks for the reply. I don't think this is the same issue as what
Jens saw. We don't use DNS and connect to an IPv4 address directly
from the client. Based on our investigations, we suspect the problem
is triggered due to a bug in SCReachability. After the socket
connection is established, we start monitoring reachability changes
via SCNetworkReachabilityCreateWithAddressPair. We think that right
after this, reachability (falsely) reports that the destination is
unreachable which causes our code to reconnect. Not all of our clients
are exhibiting this behavior so maybe some network-specific issue
triggers this? We have disabled our reachability checking code as a
work-around and our metrics indicate that this has improved things.
Does this sound like a known regression? I will file a radar shortly.

Thanks!
Imran

On Mon, Sep 21, 2015 at 1:05 AM, Quinn "The Eskimo!" <email@hidden> wrote:
>
> On 18 Sep 2015, at 17:36, Imran Patel <email@hidden> wrote:
>
>> We see connections being disconnected by the
>> client after socket establishment and before SSL can proceed.
>
> This sounds suspiciously like an issue that Jens raised earlier this month.
>
> <http://lists.apple.com/archives/macnetworkprog/2015/Sep/msg00007.html>
>
> It's possible that tweaks to iOS's connect-by-name feature are triggering this change in behaviour.
>
> Regardless of whether you can reproduce it, I still recommend that you file a bug about it (including a server-side packet trace).
>
> <https://developer.apple.com/bug-reporting/>
>
> Please post your bug number, just for the record.
>
> Share and Enjoy
> --
> Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
> Apple Developer Relations, Developer Technical Support, Core OS/Hardware
>
>
>
>  _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Macnetworkprog mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Spike in SSL handshake failures since iOS9 rollout
      • From: David Schinazi <email@hidden>
References: 
 >Spike in SSL handshake failures since iOS9 rollout (From: Imran Patel <email@hidden>)
 >Re: Spike in SSL handshake failures since iOS9 rollout (From: "Quinn \"The Eskimo!\"" <email@hidden>)

  • Prev by Date: Re: Spike in SSL handshake failures since iOS9 rollout
  • Next by Date: Re: Spike in SSL handshake failures since iOS9 rollout
  • Previous by thread: Re: Spike in SSL handshake failures since iOS9 rollout
  • Next by thread: Re: Spike in SSL handshake failures since iOS9 rollout
  • Index(es):
    • Date
    • Thread