On Sat, Jan 11, 2025 at 02:10:52PM +0100, cen wrote:
ab -n 1 -c 1 https://www.google.com/
This is ApacheBench, Version 2.3 <$Revision: 1913912 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking www.google.com (be patient)...SSL read failed (1) - closing
connection
80756A448C7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while
reading:../ssl/record/rec_layer_s3.c:322:
This is because some servers drop a connection when they're done rather
than closing it gracefully. (This is actually becoming more common than
not due to changes in the way HTTPS is used between browsers and servers
on the modern internet.) You can try filing a bug against apache2-utils
asking that ab add IgnoreUnexpectedEOF to the SSL options. I don't know
what kind of reception that will get if you can't demonstrate it being a
problem on your own site. It's also possible to modify openssl.cnf to
make this option the default for all connections. To do that, create the
following in $HOME/openssldemo.cnf:
openssl_conf = openssl_init
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = ssl_default_sect
[ssl_default_sect]
Options = IgnoreUnexpectedEOF
Then run
env OPENSSL_CONF=$HOME/openssldemo.cnf ab -r -n1 -c1 https://www.google.com/
and it should work fine. It's possible to modify /etc/ssl/openssl.cnf to
make that the system default by adding the ssl_conf directive to the
existing [openssl_init] in that file, then adding everything from
[ssl_sect] down to the bottom. There are various pros and cons to doing
this, which is why it isn't the default already.
