New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unexpected event type at TCPLayer.relay_messages: Expected DataReceived|ConnectionClosed|TcpMessageInjected, got Start({}) #6787
Comments
We do not have good repro scenarios but based on the logs, the crash is proceeded by the following events:
Is there a good way to debug this problem? |
Some more additional info. It looks like the error occurs in the following conditions:
When this happened, I was using WordPress or Expedia. After the crash, the site became unresponsive for 10 minutes or so.
|
Does this reproduce on main?
https://github.com/mitmproxy/mitmproxy/pull/6749/files may be relevant here.
…On Sat, Apr 6, 2024, 15:04 Changsin ***@***.***> wrote:
Some more additional info. It looks like the error occurs in the following
conditions:
1. TLS failures or server disconnect occurs
2. Results in either OpenSSL.SSL.WantReadError or Unexpected event
type at TCPLayer.relay_messages errors
When this happened, I was using WordPress or Expedia. After the crash, the
site became unresponsive for 10 minutes or so.
Here are the callstacks.
[21:50:43.774][127.0.0.1:65504] server disconnect wordpress.com:443 (192.0.78.17:443)
[21:50:43.776][127.0.0.1:65504] mitmproxy has crashed!
Traceback (most recent call last):
File "mitmproxy/proxy/server.py", line 381, in server_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layer.py", line 270, in handle_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 880, in _handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 936, in event_to_child
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 776, in passthrough
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/tunnel.py", line 98, in _handle_event
File "mitmproxy/proxy/layers/tls.py", line 489, in event_to_child
File "mitmproxy/proxy/tunnel.py", line 154, in event_to_child
File "mitmproxy/proxy/tunnel.py", line 123, in _handle_command
File "mitmproxy/proxy/layers/tls.py", line 435, in send_data
File "OpenSSL/SSL.py", line 2056, in sendall
File "OpenSSL/SSL.py", line 1810, in _raise_ssl_error
OpenSSL.SSL.WantReadError
[21:51:13.150][127.0.0.1:65522] Unable to establish TLS connection with server (connection closed). Trying to establish TLS with client anyway. If you plan to redirect requests away from this server, consider setting `connection_strategy` to `lazy` to suppress early connections.
[21:51:13.162][127.0.0.1:65522] server disconnect www.expedia.com:443 (23.52.32.154:443)
[21:51:13.165][127.0.0.1:65522] mitmproxy has crashed!
Traceback (most recent call last):
File "mitmproxy/proxy/server.py", line 381, in server_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layer.py", line 270, in handle_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 880, in _handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 936, in event_to_child
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 776, in passthrough
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/tunnel.py", line 98, in _handle_event
File "mitmproxy/proxy/layers/tls.py", line 489, in event_to_child
File "mitmproxy/proxy/tunnel.py", line 154, in event_to_child
File "mitmproxy/proxy/tunnel.py", line 123, in _handle_command
File "mitmproxy/proxy/layers/tls.py", line 435, in send_data
File "OpenSSL/SSL.py", line 2056, in sendall
File "OpenSSL/SSL.py", line 1810, in _raise_ssl_error
OpenSSL.SSL.WantReadError
[21:51:13.167][127.0.0.1:65522] mitmproxy has crashed!
Traceback (most recent call last):
File "mitmproxy/proxy/server.py", line 381, in server_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layer.py", line 270, in handle_event
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 880, in _handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 936, in event_to_child
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/layers/http/__init__.py", line 776, in passthrough
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/tunnel.py", line 98, in _handle_event
File "mitmproxy/proxy/layers/tls.py", line 489, in event_to_child
File "mitmproxy/proxy/tunnel.py", line 153, in event_to_child
File "mitmproxy/proxy/layer.py", line 157, in handle_event
File "mitmproxy/proxy/tunnel.py", line 98, in _handle_event
File "mitmproxy/proxy/tunnel.py", line 153, in event_to_child
File "mitmproxy/proxy/layer.py", line 272, in handle_event
File "mitmproxy/proxy/layer.py", line 142, in handle_event
File "mitmproxy/proxy/layer.py", line 233, in __continue
File "mitmproxy/proxy/layer.py", line 196, in __process
File "mitmproxy/proxy/layer.py", line 289, in _handle_event
File "mitmproxy/proxy/layer.py", line 303, in _ask
File "mitmproxy/proxy/layer.py", line 148, in handle_event
File "mitmproxy/proxy/utils.py", line 27, in _check_event_type
AssertionError: Unexpected event type at TCPLayer.relay_messages: Expected DataReceived|ConnectionClosed|TcpMessageInjected, got Start({}).
[21:51:13.739][127.0.0.1:65524] client connect
—
Reply to this email directly, view it on GitHub
<#6787 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHY2PRR4AYVSGXCTEWACF3Y37XHDAVCNFSM6AAAAABFZ77GZ2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANBRGA3TMNZQGU>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
I just copied the main's server.py and rebuilt mitmproxy. Unfortunately, it still reproes. Should I apply the whole main? |
Copying over server.py would have been enough here. But you can preempt the entire question by taking the current main branch in its entirety. :) An unexpected Start event is a curious case. Can you verify if this still reproduces if you comment out this line?
|
I tried the main in its entirety but it still reproes Some additional info:
I'll provide some more useful info if I can find it. |
Unfortunately, we are still seeing the same crashing issues. The frequency seems reduced though but they are still happening with those two call stacks. It would be great if there is a way to debug the issue better. |
Ideally we'd get this reproduced with |
I added proxy_debug through DumpMaster but it is still reproing.
|
If you increase log verbosity, you should get very extensive debug logs
(warning: *very* extensive).
…On Fri, Apr 12, 2024 at 4:28 PM Changsin ***@***.***> wrote:
I added proxy_debug through DumpMaster but it is still reproing.
The output does not seem different from what we had before. Maybe I am
doing something wrong with this option?
master_instance = dump.DumpMaster(
opts,
with_termlog=True,
with_dumper=False,
)
master_instance.addons.add(strac_dlp)
master_instance.addons.add(tlsconfig)
master_instance.options.proxy_debug = True
await master_instance.run()
—
Reply to this email directly, view it on GitHub
<#6787 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHY2PVYT4LPR6AWAXFRR43Y47VPTAVCNFSM6AAAAABFZ77GZ2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJRHA3DQNZYGU>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
How about catching SSL.WantReadError here? I will test it on my machine and let you know if it improves.
|
I'm not really sure what to make out of the WantReadError from sendall - if that's really something that can happen for healthy connections, we probably need to change the TLS addon quite a bit. In short, if we just swallow the error for send(), we will forget that piece of data instead of retrying it. The OpenSSL docs (https://www.openssl.org/docs/manmaster/man3/SSL_get_error.html) make it sound like send() only triggers WANT_READ if negotation is happening. Can you check whether this error is only occurring for TLS 1.2 or below? (catch WantReadError and then print details about the connection). If this happens for TLS 1.3, my only suspicion would be that we have a situation here where the layer is already trying to transmit data before the TLS layer has finished the handshake. Maybe dump |
So far, the website that tend to result in crashes are all TLS1.2: default.exp-tas.com Also, the repro seems quite consistent. If a crash is due to SSL.WantReadError, the scenario is:
Here is an example
Does this give you any clue? |
Problem Description
We do not have a good repro scenario but we find the stack trace like this in some of our users.
They were using Safari when encountering these issues.
Steps to reproduce the behavior:
We do not have a good repro scenario but they were using Safari when encountering these issues.
I am not sure if this is related, but we were trying to block accessing certain sites with this code:
This code works fine in Chrome and most users in Safari but does not seem to work in a small number of machines because of this issue.
System Information
Paste the output of "mitmproxy --version" here.
Mitmproxy: 10.2.4
Python: 3.10.11
OpenSSL: OpenSSL 3.2.1 30 Jan 2024
Platform: macOS-14.4-arm64-arm-64bit
The text was updated successfully, but these errors were encountered: