[Harbor] input.harbor.ssl don't accept connections after some time

[codeurimpulsif]

Describe the bug

I use input.harbor.ssl to input external stream but after some time (I don't know exactly how many time, few days for sure) I can't connect anymore.

Note: This issue seem similar to #1403 where I leave a comment.

To Reproduce

The script:

#!/usr/bin/liquidsoap

# Harbor settings
settings.harbor.bind_addrs.set(["#{IPV4_BIND}", "#{IPV6_BIND}"])
settings.harbor.ssl.certificate.set("#{TLS_CERTIFICATE_PATH}/fullchain.pem")
settings.harbor.ssl.private_key.set("#{TLS_CERTIFICATE_PATH}/privkey.pem")

# TLS Live (using Harbor)
live = input.harbor.ssl(id="live",
  buffer=2.,
  max=10.,
  port=8005,
  icy=true,
  icy_metadata_charset = "UTF-8",
  metadata_charset = "UTF-8",
  auth=auth,
  "live"
)

output.dummy(mksafe(live))

A netstat (netstat -altupn | grep <harbor-port> | grep "CLOSE_WAIT") or ss (ss -tap state CLOSE-WAIT | grep "liquidsoap") command show me there is a lot of open connections (250 exactly) to the harbor port in CLOSE_WAIT state.

I can reproduce the issue by sending lot of connections (using nc -z <harbor-ip> <harbor-port>, curl don't seem to reproduce), after some time I can't connect anymore on harbor port and open connections in CLOSE_WAIT state are still here, never flushed.

Liquidsoap logs shows Failed to accept new client: SSL accept() error: error:00000000:lib(0):func(0):reason(0) each time I open a connection (and of course add a connection in CLOSE_WAIT state to the previous netstat or ss list).

Then at some point (I can't say when exactly) a normal streaming source (I use Butt) can't connect anymore.

Then it reach the limit with log message Failed to accept new client: Too many open files in accept(), but only when I try to reproduce with this test. In normal conditions it take days to append and there is no Too many open files in accept() log messages, only the SSL accept() error ones.

Expected behavior

• Connection to the harbor port need to still be possible without restarting Liquidsoap

Version details

• OS: Debian 11 (Raspberry Pi 4B, aarch64)
• Version: 2.1.4-debian-bullseye-1

Install method

• Debian package from this Github repository

[vitoyucepi]

It seems this issue is Debian-specific. I'm unable to reproduce this using Ubuntu.

To reproduce it, you can use either the docker image savonet/liquidsoap:v2.1.4 or the virtual machine with Debian bullseye.

It's possible to use self-signed certs.
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -sha256 -days 365 -subj '/CN=localhost' -nodes

settings.harbor.ssl.certificate.set("cert.pem")
settings.harbor.ssl.private_key.set("key.pem")

live = input.harbor.ssl(
  "live",
  port=8005,
  password="test",
  icy=true,
)
output.dummy(mksafe(live))

The problem happens because the icy=true parameter is set, causing liquidsoap to begin listening on

• port=8005 with icy=false
• port=8006 with icy=true

Then use nc -z localhost 8005 from the openbsd-netcat package to connect to the server. It can be performed from anywhere.

The same problem exists in 2.2.0+git@8101608.

ssl_transport = http.transport.ssl(
  certificate="cert.pem",
  key="key.pem",
)

live = input.harbor(
  "live",
  transport=ssl_transport,
  port=8005,
  password="test",
  icy=true,
)
output.dummy(mksafe(live))

[codeurimpulsif]

For now I just try to remove all icy parameters and try again with netcat but the issue is the same.

I will try with the Docker image later maybe.

[codeurimpulsif]

Ok, I have tried with the Debian Docker image and the issue seem still here: lot of CLOSE_WAIT state connections never flushed.

But I can still connect because it never hit the limit of the log message Too many open files in accept().

So I don't know, maybe I will try to compile the binary without using the Debian package on the machine where the issue occur.

[vitoyucepi]

@codeurimpulsif,
Can you check if liquidsoap has rights to read the cert and key files?

settings.harbor.ssl.certificate.set("#{TLS_CERTIFICATE_PATH}/fullchain.pem")
settings.harbor.ssl.private_key.set("#{TLS_CERTIFICATE_PATH}/privkey.pem")

[codeurimpulsif]

@vitoyucepi Yes rights are ok, it's not a permission issue

[vitoyucepi]

Found the same problem after I changed the rights for key.pem file and reduced the nofile limit to 1024.

2023/05/09 16:03:25 [harbor:2] Failed to accept new client: SSL: Privte key error: error:8000000D:system library::Permission denied
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: SSL: Privte key error: error:8000000D:system library::Permission denied
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: SSL: Privte key error: error:8000000D:system library::Permission denied
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: SSL: Certificate error: error:80000018:system library::Too many open files
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: Too many open files in accept()
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: Too many open files in accept()
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: Too many open files in accept()
2023/05/09 16:03:25 [harbor:2] Failed to accept new client: Too many open files in accept()

Check ulimit -n on your raspberry.

Also spelling errors
https://github.com/savonet/ocaml-ssl/blob/dfba6793d939b46f55f0452bcbe04759286aa3fe/src/ssl.ml#L105
https://github.com/savonet/ocaml-ssl/blob/dfba6793d939b46f55f0452bcbe04759286aa3fe/src/ssl.ml#L108

[codeurimpulsif]

@vitoyucepi Yes on the raspberry pi the ulimit is 1024.

Of course I can increase it but I think it will just hide the real problem (the CLOSE_WAIT connections who are never flushed)?

[vitoyucepi]

Reproduction

1. Get debian 11 image.
   I use genericcloud-amd64 from https://cloud.debian.org/images/cloud/bullseye/20230501-1367/
   With cloud-init config.

   meta-data

   # vim: ft=yaml
   
   local-hostname: debian

   user-data

   #cloud-config
   
   # vim: ft=yaml
   
   users:
     - default
   
   system_info:
     default_user:
       name: debian
       lock_passwd: false
       plain_text_passwd: debian
   
   ssh_pwauth: true  
   
   package_update: true
   package_upgrade: true
   
   apt:
     primary:
       - arches: [default]
         uri: https://deb.debian.org/debian/
     security:
       - arches: [default]
         uri: https://deb.debian.org/debian-security/
     sources_list: |
         deb $PRIMARY $RELEASE main contrib non-free
         deb $PRIMARY $RELEASE-updates main contrib non-free
         deb $PRIMARY $RELEASE-backports main contrib non-free
         deb $SECURITY $RELEASE-security main contrib non-free

2. SSH into the host.

3. Get liquidsoap package.
   wget https://github.com/savonet/liquidsoap/releases/download/v2.1.4/liquidsoap_2.1.4-debian-bullseye-1_amd64.deb

4. Install liquidsoap.
   sudo apt-get install --no-install-recommends ./liquidsoap_2.1.4-debian-bullseye-1_amd64.deb

5. Generate self-signed ssl certificates.
   openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -sha256 -days 365 -subj '/CN=localhost' -nodes

6. Write config

   1.liq

   settings.harbor.ssl.certificate.set("cert.pem")
   settings.harbor.ssl.private_key.set("key.pem")
   
   live = input.harbor.ssl(
     "live",
     port=8005,
     password="test",
     icy=true,
   )
   output.dummy(mksafe(live))

7. Start liquidsoap.
   liquidsoap 1.liq

8. Open another SSH session.

9. Install netcat-openbsd.
   sudo apt-get install netcat-openbsd.

10. Run command nc -z localhost 8005.

11. Run command ss -tapn | grep CLOSE

[toots]

Thanks for reporting. This could point to file descriptor leak from libssl but, at any rate, we were instantiating a new context for each new connection, which doesn't seem standard according to: https://wiki.openssl.org/index.php/Simple_TLS_Server

I pushed a PR fixing this here: #3071 Any chance you could test? This would be with the v2.2.x API..

[vitoyucepi]

2.2.0+git@27ec137 looks the same

Log

INFO: Loading Sdl_image, Target = linux
INFO: Loading Sdl_ttf, Target = linux
2023/05/11 15:45:47 >>> LOG START
2023/05/11 15:45:40 [main:3] Liquidsoap 2.2.0+git@27ec13733
2023/05/11 15:45:40 [main:3] Using: alsa=0.3.0 angstrom=0.15.0 ao=0.2.4 asetmap=0.8.1 astring=0.8.5 base.caml=v0.15.1 base64=3.5.1 bigarray=[distributed with OCaml] bigarray-compat=1.1.0 bigstringaf=0.9.1 bjack=0.1.6 bytes=[distributed with OCaml] camlimages.all_formats=4.2.6 camlimages.core=5.0.4 camlimages.exif=5.0.4 camlimages.gif=5.0.4 camlimages.jpeg=5.0.4 camlimages.png=5.0.4 camlimages.tiff=5.0.4 camlimages.xpm=5.0.4 camlp-streams camomile=d3773ec camomile.lib=d3773ec cohttp=5.1.0 cohttp-lwt=5.1.0 cohttp-lwt-unix=5.1.0 conduit=6.2.0 conduit-lwt=6.2.0 conduit-lwt-unix=6.2.0 cry=1.0.0 ctypes=0.20.2 ctypes.foreign=0.20.2 ctypes.stubs=0.20.2 curl=0.9.2 domain-name=0.4.0 dssi=0.1.5 dtools=0.4.5 dune-build-info=3.7.1 dune-private-libs.dune-section=3.7.1 dune-site=3.7.1 dune-site.private=3.7.1 duppy=0.9.3 faad=0.5.2 fdkaac=0.3.3 ffmpeg-av=1.1.8 ffmpeg-avcodec=1.1.8 ffmpeg-avdevice=1.1.8 ffmpeg-avfilter=1.1.8 ffmpeg-avutil=1.1.8 ffmpeg-swresample=1.1.8 ffmpeg-swscale=1.1.8 fileutils=0.6.4 flac=0.4.0 flac.decoder=0.4.0 flac.ogg=0.4.0 fmt=0.9.0 frei0r=0.1.2 gd=1.0a5 gen=1.1 inotify=2.4.1 integers ipaddr=5.5.0 ipaddr-sexp=5.5.0 ipaddr.unix=5.5.0 irc-client irc-client-unix ladspa=0.2.2 lame=0.3.7 lastfm=0.3.3 lilv=0.1.0 liquidsoap-lang=2.2.0 liquidsoap-lang.console=2.2.0 liquidsoap_alsa=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ao=rolling-release-v2.2.x-54-g27ec137 liquidsoap_bjack=rolling-release-v2.2.x-54-g27ec137 liquidsoap_builtins=rolling-release-v2.2.x-54-g27ec137 liquidsoap_camlimages=rolling-release-v2.2.x-54-g27ec137 liquidsoap_core=rolling-release-v2.2.x-54-g27ec137 liquidsoap_dssi=rolling-release-v2.2.x-54-g27ec137 liquidsoap_faad=rolling-release-v2.2.x-54-g27ec137 liquidsoap_fdkaac=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ffmpeg=rolling-release-v2.2.x-54-g27ec137 liquidsoap_flac=rolling-release-v2.2.x-54-g27ec137 liquidsoap_frei0r=rolling-release-v2.2.x-54-g27ec137 liquidsoap_gd=rolling-release-v2.2.x-54-g27ec137 liquidsoap_irc=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ladspa=rolling-release-v2.2.x-54-g27ec137 liquidsoap_lame=rolling-release-v2.2.x-54-g27ec137 liquidsoap_lastfm=rolling-release-v2.2.x-54-g27ec137 liquidsoap_lilv=rolling-release-v2.2.x-54-g27ec137 liquidsoap_lo=rolling-release-v2.2.x-54-g27ec137 liquidsoap_mad=rolling-release-v2.2.x-54-g27ec137 liquidsoap_magic=rolling-release-v2.2.x-54-g27ec137 liquidsoap_mem_usage=rolling-release-v2.2.x-54-g27ec137 liquidsoap_memtrace=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ogg=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ogg_flac=rolling-release-v2.2.x-54-g27ec137 liquidsoap_optionals=rolling-release-v2.2.x-54-g27ec137 liquidsoap_opus=rolling-release-v2.2.x-54-g27ec137 liquidsoap_osc=rolling-release-v2.2.x-54-g27ec137 liquidsoap_oss=rolling-release-v2.2.x-54-g27ec137 liquidsoap_portaudio=rolling-release-v2.2.x-54-g27ec137 liquidsoap_posix_time=rolling-release-v2.2.x-54-g27ec137 liquidsoap_prometheus=rolling-release-v2.2.x-54-g27ec137 liquidsoap_pulseaudio=rolling-release-v2.2.x-54-g27ec137 liquidsoap_runtime=rolling-release-v2.2.x-54-g27ec137 liquidsoap_samplerate=rolling-release-v2.2.x-54-g27ec137 liquidsoap_sdl=rolling-release-v2.2.x-54-g27ec137 liquidsoap_shine=rolling-release-v2.2.x-54-g27ec137 liquidsoap_soundtouch=rolling-release-v2.2.x-54-g27ec137 liquidsoap_speex=rolling-release-v2.2.x-54-g27ec137 liquidsoap_srt=rolling-release-v2.2.x-54-g27ec137 liquidsoap_ssl=rolling-release-v2.2.x-54-g27ec137 liquidsoap_stereotool=rolling-release-v2.2.x-54-g27ec137 liquidsoap_taglib=rolling-release-v2.2.x-54-g27ec137 liquidsoap_theora=rolling-release-v2.2.x-54-g27ec137 liquidsoap_vorbis=rolling-release-v2.2.x-54-g27ec137 liquidsoap_xmlplaylist=rolling-release-v2.2.x-54-g27ec137 liquidsoap_yaml=rolling-release-v2.2.x-54-g27ec137 lo=0.2.0 logs=0.7.0 logs.fmt=0.7.0 logs.lwt=0.7.0 lwt=5.6.1 lwt.unix=5.6.1 macaddr=5.5.0 mad=0.5.3 magic=0.7.3 magic-mime=1.3.0 mem_usage=0.0.4 memtrace=0.2.3 menhirLib=20220210 metadata=0.2.0 mm=0.8.3 mm.audio=0.8.3 mm.base=0.8.3 mm.image=0.8.3 mm.midi=0.8.3 mm.video=0.8.3 ocplib-endian ocplib-endian.bigstring ogg=0.7.4 ogg.decoder=0.7.4 opus=0.2.3 opus.decoder=0.2.3 osc osc-unix parsexp=v0.15.0 pcre=7.5.0 portaudio=0.2.3 posix-base=65ec333 posix-socket=65ec333 posix-socket.constants=65ec333 posix-socket.stubs=65ec333 posix-socket.types=65ec333 posix-time2=65ec333 posix-time2.constants=65ec333 posix-time2.stubs=65ec333 posix-time2.types=65ec333 posix-types=65ec333 posix-types.constants=65ec333 ppx_sexp_conv.runtime-lib=v0.15.0 prometheus=1.2 prometheus-app=1.2 pulseaudio=0.1.6 re=1.10.4 result=1.5 samplerate=0.1.6 sedlex=3.1 seq=[distributed with OCaml 4.07 or above] sexplib=v0.15.1 sexplib0=v0.15.0 shine=0.2.3 soundtouch=0.1.9 speex=0.4.2 speex.decoder=0.4.2 srt=0.3.0 srt.constants=0.3.0 srt.stubs=0.3.0 srt.stubs.locked=0.3.0 srt.types=0.3.0 ssl=0.5.13 stdlib-shims=0.3.0 stereotool=rolling-release-v2.2.x-54-g27ec137 str=[distributed with OCaml] stringext=1.6.0 taglib=0.3.10 theora=0.4.1 theora.decoder=0.4.1 threads=[distributed with OCaml] threads.posix=[distributed with OCaml] tsdl=v1.0.0 tsdl-image=0.5 tsdl-ttf=0.5 unix=[distributed with OCaml] unix-errno=0.6.2 unix-errno.errno_bindings=0.6.2 unix-errno.errno_types=0.6.2 unix-errno.errno_types_detected=0.6.2 unix-errno.unix=0.6.2 uri=4.2.0 uri-sexp=4.2.0 uri.services=4.2.0 vorbis=0.8.1 vorbis.decoder=0.8.1 xmlm=1.4.0 xmlplaylist=0.1.5 yaml=3.1.0 yaml.bindings=3.1.0 yaml.bindings.types=3.1.0 yaml.c=3.1.0 yaml.ffi=3.1.0 yaml.types=3.1.0
2023/05/11 15:45:40 [clock:3] Using native (high-precision) implementation for latency control
2023/05/11 15:45:47 [main:3] Standard library loaded in 7.10 seconds.
2023/05/11 15:45:47 [frame:4] frame.audio.samplerate set to: 44100
2023/05/11 15:45:47 [frame:4] frame.video.framerate set to: 25
2023/05/11 15:45:47 [frame:4] frame.audio.channels set to: 2
2023/05/11 15:45:47 [frame:4] frame.video.default set to: false
2023/05/11 15:45:47 [frame:4] frame.midi.channels set to: 0
2023/05/11 15:45:47 [frame:4] frame.video.width set to: 1280
2023/05/11 15:45:47 [frame:4] frame.video.height set to: 720
2023/05/11 15:45:47 [frame:4] frame.audio.samplerate set to: 44100
2023/05/11 15:45:47 [frame:3] Using 44100Hz audio, 25Hz video, 44100Hz main.
2023/05/11 15:45:47 [frame:3] Video frame size set to: 1280x720
2023/05/11 15:45:47 [frame:3] Frame size must be a multiple of 1764 ticks = 1764 audio samples = 1 video samples.
2023/05/11 15:45:47 [frame:3] Targeting 'frame.duration': 0.04s = 1764 audio samples = 1764 ticks.
2023/05/11 15:45:47 [frame:3] Frames last 0.04s = 1764 audio samples = 1 video samples = 1764 ticks.
2023/05/11 15:45:47 [sandbox:3] Sandboxing disabled
2023/05/11 15:45:47 [startup:3] DSSI plugins registration: 0.00s
2023/05/11 15:45:47 [startup:3] FFmpeg filters registration: 0.02s
2023/05/11 15:45:47 [startup:3] FFmpeg bitstream filters registration: 0.00s
2023/05/11 15:45:47 [startup:3] Lilv plugins registration: 0.00s
2023/05/11 15:45:47 [startup:3] Frei0r plugin registration: 0.00s
2023/05/11 15:45:47 [startup:3] LADSPA plugins registration: 0.00s
2023/05/11 15:45:47 [startup:3] Typechecking: 6.92s
2023/05/11 15:45:47 [startup:3] Evaluation: 0.02s
2023/05/11 15:45:47 [startup:3] Typechecking: 0.03s
2023/05/11 15:45:47 [startup:3] Evaluation: 0.00s
2023/05/11 15:45:47 [startup:3] Typechecking: 0.01s
2023/05/11 15:45:47 [startup:3] Evaluation: 0.00s
2023/05/11 15:45:47 [startup:3] Loaded 1.liq: 0.01s
2023/05/11 15:45:47 [video.converter:3] Using preferred video converter: ffmpeg.
2023/05/11 15:45:47 [audio.converter:3] Using samplerate converter: libsamplerate.
2023/05/11 15:45:47 [lifecycle:5] At stage: "Liquidsoap application start"
2023/05/11 15:45:47 [clock:4] Currently 1 clock(s) allocated.
2023/05/11 15:45:47 [clock.main:4] Starting 2 source(s)...
2023/05/11 15:45:47 [input.harbor_0:5] Assigning source content type for frame type: something that is a set of internal tracks
2023/05/11 15:45:47 [input.harbor_0:5] Content type: {audio=pcm(stereo)}
2023/05/11 15:45:47 [source:4] Source input.harbor_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/11 15:45:47 [input.harbor_0:5] Clock is main[].
2023/05/11 15:45:47 [input.harbor_0:3] Content type is {audio=pcm(stereo)}.
2023/05/11 15:45:47 [harbor:4] Opening port 8005 with icy = false
2023/05/11 15:45:47 [harbor:4] Opening port 8006 with icy = true
2023/05/11 15:45:47 [harbor:3] Adding mountpoint '/live' on port 8005
2023/05/11 15:45:47 [input.harbor_0:5] Activations changed: static=[input.harbor_0], dynamic=[].
2023/05/11 15:45:47 [input.harbor_0:5] Enabling caching mode: active source.
2023/05/11 15:45:47 [output.dummy_0:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/11 15:45:47 [output.dummy_0:5] Content type: {audio=pcm(stereo)}
2023/05/11 15:45:47 [source:4] Source output.dummy_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/11 15:45:47 [dummy:5] Clock is main[].
2023/05/11 15:45:47 [dummy:3] Content type is {audio=pcm(stereo)}.
2023/05/11 15:45:47 [mksafe:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/11 15:45:47 [mksafe:5] Content type: {audio=pcm(stereo)}
2023/05/11 15:45:47 [source:4] Source mksafe gets up with content type: {audio=pcm(stereo)}.
2023/05/11 15:45:47 [input.harbor_0:5] Activations changed: static=[input.harbor_0], dynamic=[mksafe:dummy:dummy].
2023/05/11 15:45:47 [safe_blank:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/11 15:45:47 [safe_blank:5] Content type: {audio=pcm(stereo)}
2023/05/11 15:45:47 [source:4] Source safe_blank gets up with content type: {audio=pcm(stereo)}.
2023/05/11 15:45:47 [safe_blank:5] Clock is main[].
2023/05/11 15:45:47 [safe_blank:3] Content type is {audio=pcm(stereo)}.
2023/05/11 15:45:47 [safe_blank:5] Activations changed: static=[], dynamic=[mksafe:dummy:dummy].
2023/05/11 15:45:47 [mksafe:5] Activations changed: static=[dummy:dummy], dynamic=[].
2023/05/11 15:45:47 [input.harbor_0:5] Not ready: need more buffering (0/529200).
2023/05/11 15:45:47 [dummy:5] Activations changed: static=[dummy], dynamic=[].
2023/05/11 15:45:47 [dummy:5] Enabling caching mode: active source.
2023/05/11 15:45:47 [threads:4] Created thread "clock_main" (1 total).
2023/05/11 15:45:47 [clock:4] Main phase starts.
2023/05/11 15:45:47 [threads:4] Created thread "generic queue #1" (1 total).
2023/05/11 15:45:47 [threads:4] Created thread "generic queue #2" (2 total).
2023/05/11 15:45:47 [threads:4] Created thread "non-blocking queue #1" (3 total).
2023/05/11 15:45:47 [threads:4] Created thread "non-blocking queue #2" (4 total).
2023/05/11 15:45:47 [video.text:3] Using sdl implementation
2023/05/11 15:45:47 [clock.main:3] Streaming loop starts in auto-sync mode
2023/05/11 15:45:47 [clock.main:3] Delegating synchronisation to CPU clock
2023/05/11 15:45:47 [mksafe:3] Switch to safe_blank.
2023/05/11 15:45:47 [safe_blank:5] Activations changed: static=[mksafe:dummy:dummy], dynamic=[mksafe:dummy:dummy].
2023/05/11 15:45:54 [harbor:2] Failed to accept new client: SSL accept() error: error:00000000:lib(0):func(0):reason(0)
2023/05/11 15:45:55 [harbor:2] Failed to accept new client: SSL accept() error: error:00000000:lib(0):func(0):reason(0)
2023/05/11 15:45:55 [harbor:2] Failed to accept new client: SSL accept() error: error:00000000:lib(0):func(0):reason(0)

ss -tapn | grep CLOSE

CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:37354 users:(("liquidsoap",pid=4187,fd=20))                
CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:37358 users:(("liquidsoap",pid=4187,fd=21))                
CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:37348 users:(("liquidsoap",pid=4187,fd=19))

Config

settings.log.level := 6

ssl_transport = http.transport.ssl(
  certificate="cert.pem",
  key="key.pem",
)

live = input.harbor(
  "live",
  transport=ssl_transport,
  port=8005,
  password="test",
  icy=true,
)
output.dummy(mksafe(live))

[toots]

This should be fixed now!

[toots]

@vitoyucepi what do you use to generate certificate and key?

In the tests, we use:

openssl req -x509 -newkey rsa:4096 -keyout ssl.key -out ssl.cert -sha256 -days 3650 -nodes -subj /C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost

Then:

transport = http.transport.ssl(
  certificate="./ssl.cert",
  key="./ssl.key"
)

port = random.int(min=8000, max=10000)

s = sine()

output.icecast(
  port=port,
  mount="ssl_test",
  transport=transport,
  %vorbis,
  s)

i = input.harbor(
  buffer=2.,
  port=port,
  transport=transport,
  "ssl_test")

i = source.on_track(i, fun (_) -> test.pass())

output.dummy(fallible=true, i)

[vitoyucepi]

1. @vitoyucepi what do you use to generate certificate and key?

   Generally I use this command

   openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -sha256 -days 365 -subj '/CN=localhost' -nodes

2. There's another test.

   [harbor:2] Failed to accept new client: SSL: Privte key error: error:8000000D:system library::Permission denied

   To get this you have to chmod 0000 key.pem, or run from a user, that has no access to key file.

3. @toots, take a look at icy=true

   input.harbor.ssl(
     "live",
     port=8005,
     password="test",
     icy=true,
   )

I'll check the release artifacts from https://github.com/savonet/liquidsoap/actions/runs/4972860470

[vitoyucepi]

Liquidsoap 2.2.0+git@4af8db1

The same problem as before.

Log

INFO: Loading Sdl_image, Target = linux
INFO: Loading Sdl_ttf, Target = linux
2023/05/14 15:42:39 >>> LOG START
2023/05/14 15:42:32 [main:3] Liquidsoap 2.2.0+git@4af8db175
2023/05/14 15:42:32 [main:3] Using: alsa=0.3.0 angstrom=0.15.0 ao=0.2.4 asetmap=0.8.1 asn1-combinators=0.2.6 astring=0.8.5 base.caml=v0.15.1 base64=3.5.1 bigarray=[distributed with OCaml] bigarray-compat=1.1.0 bigstringaf=0.9.1 bjack=0.1.6 bos=0.2.1 bytes=[distributed with OCaml] ca-certs=v0.2.3 camlimages.all_formats=4.2.6 camlimages.core=5.0.4 camlimages.exif=5.0.4 camlimages.gif=5.0.4 camlimages.jpeg=5.0.4 camlimages.png=5.0.4 camlimages.tiff=5.0.4 camlimages.xpm=5.0.4 camlp-streams camomile=d3773ec camomile.lib=d3773ec cohttp=5.1.0 cohttp-lwt=5.1.0 cohttp-lwt-unix=5.1.0 conduit=6.2.0 conduit-lwt=6.2.0 conduit-lwt-unix=6.2.0 cry=1.0.0 cstruct=6.2.0 ctypes=0.20.2 ctypes.foreign=0.20.2 ctypes.stubs=0.20.2 curl=0.9.2 domain-name=0.4.0 dssi=0.1.5 dtools=0.4.5 dune-build-info=3.7.1 dune-private-libs.dune-section=3.7.1 dune-site=3.7.1 dune-site.private=3.7.1 duppy=0.9.3 eqaf=0.9 eqaf.bigstring=0.9 eqaf.cstruct=0.9 faad=0.5.2 fdkaac=0.3.3 ffmpeg-av=1.1.8 ffmpeg-avcodec=1.1.8 ffmpeg-avdevice=1.1.8 ffmpeg-avfilter=1.1.8 ffmpeg-avutil=1.1.8 ffmpeg-swresample=1.1.8 ffmpeg-swscale=1.1.8 fileutils=0.6.4 flac=0.4.0 flac.decoder=0.4.0 flac.ogg=0.4.0 fmt=0.9.0 fpath=0.7.3 frei0r=0.1.2 gd=1.0a5 gen=1.1 gmap=0.3.0 hkdf=1.0.4 inotify=2.4.1 integers ipaddr=5.5.0 ipaddr-sexp=5.5.0 ipaddr.unix=5.5.0 irc-client irc-client-unix ladspa=0.2.2 lame=0.3.7 lastfm=0.3.3 lilv=0.1.0 liquidsoap-lang=2.2.0 liquidsoap-lang.console=2.2.0 liquidsoap_alsa=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ao=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_bjack=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_builtins=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_camlimages=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_core=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_dssi=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_faad=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_fdkaac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ffmpeg=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_flac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_frei0r=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_gd=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_irc=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ladspa=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lame=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lastfm=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lilv=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lo=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_mad=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_magic=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_mem_usage=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_memtrace=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ogg=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ogg_flac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_optionals=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_opus=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_osc=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_oss=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_portaudio=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_posix_time=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_prometheus=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_pulseaudio=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_runtime=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_samplerate=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_sdl=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_shine=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_soundtouch=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_speex=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_srt=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ssl=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_stereotool=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_taglib=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_theora=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_tls=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_vorbis=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_xmlplaylist=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_yaml=rolling-release-v2.2.x-54-g4af8db1 lo=0.2.0 logs=0.7.0 logs.fmt=0.7.0 logs.lwt=0.7.0 lwt=5.6.1 lwt.unix=5.6.1 macaddr=5.5.0 mad=0.5.3 magic=0.7.3 magic-mime=1.3.0 mem_usage=0.0.4 memtrace=0.2.3 menhirLib=20220210 metadata=0.2.0 mirage-crypto=0.11.1 mirage-crypto-ec=0.11.1 mirage-crypto-pk=0.11.1 mirage-crypto-rng=0.11.1 mirage-crypto-rng.unix=0.11.1 mm=0.8.3 mm.audio=0.8.3 mm.base=0.8.3 mm.image=0.8.3 mm.midi=0.8.3 mm.video=0.8.3 ocplib-endian ocplib-endian.bigstring ogg=0.7.4 ogg.decoder=0.7.4 opus=0.2.3 opus.decoder=0.2.3 osc osc-unix parsexp=v0.15.0 pbkdf pcre=7.5.0 portaudio=0.2.3 posix-base=65ec333 posix-socket=65ec333 posix-socket.constants=65ec333 posix-socket.stubs=65ec333 posix-socket.types=65ec333 posix-time2=65ec333 posix-time2.constants=65ec333 posix-time2.stubs=65ec333 posix-time2.types=65ec333 posix-types=65ec333 posix-types.constants=65ec333 ppx_sexp_conv.runtime-lib=v0.15.0 prometheus=1.2 prometheus-app=1.2 ptime=1.1.0 ptime.clock.os=1.1.0 pulseaudio=0.1.6 re=1.10.4 result=1.5 rresult=0.7.0 samplerate=0.1.6 sedlex=3.1 seq=[distributed with OCaml 4.07 or above] sexplib=v0.15.1 sexplib0=v0.15.0 shine=0.2.3 soundtouch=0.1.9 speex=0.4.2 speex.decoder=0.4.2 srt=0.3.0 srt.constants=0.3.0 srt.stubs=0.3.0 srt.stubs.locked=0.3.0 srt.types=0.3.0 ssl=0.5.13 stdlib-shims=0.3.0 stereotool=rolling-release-v2.2.x-54-g4af8db1 str=[distributed with OCaml] stringext=1.6.0 taglib=0.3.10 theora=0.4.1 theora.decoder=0.4.1 threads=[distributed with OCaml] threads.posix=[distributed with OCaml] tls=0.17.0 tsdl=v1.0.0 tsdl-image=0.5 tsdl-ttf=0.5 unix=[distributed with OCaml] unix-errno=0.6.2 unix-errno.errno_bindings=0.6.2 unix-errno.errno_types=0.6.2 unix-errno.errno_types_detected=0.6.2 unix-errno.unix=0.6.2 uri=4.2.0 uri-sexp=4.2.0 uri.services=4.2.0 vorbis=0.8.1 vorbis.decoder=0.8.1 x509=0.16.4 xmlm=1.4.0 xmlplaylist=0.1.5 yaml=3.1.0 yaml.bindings=3.1.0 yaml.bindings.types=3.1.0 yaml.c=3.1.0 yaml.ffi=3.1.0 yaml.types=3.1.0 zarith=1.12
2023/05/14 15:42:32 [clock:3] Using native (high-precision) implementation for latency control
2023/05/14 15:42:39 [main:3] Standard library loaded in 7.35 seconds.
2023/05/14 15:42:39 [frame:4] frame.audio.samplerate set to: 44100
2023/05/14 15:42:39 [frame:4] frame.video.framerate set to: 25
2023/05/14 15:42:39 [frame:4] frame.audio.channels set to: 2
2023/05/14 15:42:39 [frame:4] frame.video.default set to: false
2023/05/14 15:42:39 [frame:4] frame.midi.channels set to: 0
2023/05/14 15:42:39 [frame:4] frame.video.width set to: 1280
2023/05/14 15:42:39 [frame:4] frame.video.height set to: 720
2023/05/14 15:42:39 [frame:4] frame.audio.samplerate set to: 44100
2023/05/14 15:42:39 [frame:3] Using 44100Hz audio, 25Hz video, 44100Hz main.
2023/05/14 15:42:39 [frame:3] Video frame size set to: 1280x720
2023/05/14 15:42:39 [frame:3] Frame size must be a multiple of 1764 ticks = 1764 audio samples = 1 video samples.
2023/05/14 15:42:39 [frame:3] Targeting 'frame.duration': 0.04s = 1764 audio samples = 1764 ticks.
2023/05/14 15:42:39 [frame:3] Frames last 0.04s = 1764 audio samples = 1 video samples = 1764 ticks.
2023/05/14 15:42:39 [sandbox:3] Sandboxing disabled
2023/05/14 15:42:39 [startup:3] DSSI plugins registration: 0.00s
2023/05/14 15:42:39 [startup:3] FFmpeg filters registration: 0.02s
2023/05/14 15:42:39 [startup:3] FFmpeg bitstream filters registration: 0.00s
2023/05/14 15:42:39 [startup:3] Lilv plugins registration: 0.00s
2023/05/14 15:42:39 [startup:3] Frei0r plugin registration: 0.00s
2023/05/14 15:42:39 [startup:3] LADSPA plugins registration: 0.00s
2023/05/14 15:42:39 [startup:3] Typechecking: 7.15s
2023/05/14 15:42:39 [startup:3] Evaluation: 0.02s
2023/05/14 15:42:39 [startup:3] Typechecking: 0.03s
2023/05/14 15:42:39 [startup:3] Evaluation: 0.00s
2023/05/14 15:42:39 [startup:3] Typechecking: 0.01s
2023/05/14 15:42:39 [startup:3] Evaluation: 0.00s
2023/05/14 15:42:39 [startup:3] Loaded 1.liq: 0.01s
2023/05/14 15:42:39 [video.converter:3] Using preferred video converter: ffmpeg.
2023/05/14 15:42:39 [audio.converter:3] Using samplerate converter: libsamplerate.
2023/05/14 15:42:39 [lifecycle:5] At stage: "Liquidsoap application start"
2023/05/14 15:42:39 [clock:4] Currently 1 clock(s) allocated.
2023/05/14 15:42:39 [clock.main:4] Starting 2 source(s)...
2023/05/14 15:42:39 [input.harbor_0:5] Assigning source content type for frame type: something that is a set of internal tracks
2023/05/14 15:42:39 [input.harbor_0:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:42:39 [source:4] Source input.harbor_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:42:39 [input.harbor_0:5] Clock is main[].
2023/05/14 15:42:39 [input.harbor_0:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:42:39 [harbor:4] Opening port 8005 with icy = false
2023/05/14 15:42:39 [harbor:4] Opening port 8006 with icy = true
2023/05/14 15:42:39 [harbor:3] Adding mountpoint '/live' on port 8005
2023/05/14 15:42:39 [input.harbor_0:5] Activations changed: static=[input.harbor_0], dynamic=[].
2023/05/14 15:42:39 [input.harbor_0:5] Enabling caching mode: active source.
2023/05/14 15:42:39 [output.dummy_0:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/14 15:42:39 [output.dummy_0:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:42:39 [source:4] Source output.dummy_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:42:39 [dummy:5] Clock is main[].
2023/05/14 15:42:39 [dummy:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:42:39 [mksafe:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/14 15:42:39 [mksafe:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:42:39 [source:4] Source mksafe gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:42:39 [input.harbor_0:5] Activations changed: static=[input.harbor_0], dynamic=[mksafe:dummy:dummy].
2023/05/14 15:42:39 [safe_blank:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/14 15:42:39 [safe_blank:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:42:39 [source:4] Source safe_blank gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:42:39 [safe_blank:5] Clock is main[].
2023/05/14 15:42:39 [safe_blank:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:42:39 [safe_blank:5] Activations changed: static=[], dynamic=[mksafe:dummy:dummy].
2023/05/14 15:42:39 [mksafe:5] Activations changed: static=[dummy:dummy], dynamic=[].
2023/05/14 15:42:39 [input.harbor_0:5] Not ready: need more buffering (0/529200).
2023/05/14 15:42:39 [dummy:5] Activations changed: static=[dummy], dynamic=[].
2023/05/14 15:42:39 [dummy:5] Enabling caching mode: active source.
2023/05/14 15:42:39 [threads:4] Created thread "clock_main" (1 total).
2023/05/14 15:42:39 [clock:4] Main phase starts.
2023/05/14 15:42:39 [threads:4] Created thread "generic queue #1" (1 total).
2023/05/14 15:42:39 [threads:4] Created thread "generic queue #2" (2 total).
2023/05/14 15:42:39 [threads:4] Created thread "non-blocking queue #1" (3 total).
2023/05/14 15:42:39 [threads:4] Created thread "non-blocking queue #2" (4 total).
2023/05/14 15:42:39 [clock.main:3] Streaming loop starts in auto-sync mode
2023/05/14 15:42:39 [clock.main:3] Delegating synchronisation to CPU clock
2023/05/14 15:42:39 [video.text:3] Using sdl implementation
2023/05/14 15:42:39 [mksafe:3] Switch to safe_blank.
2023/05/14 15:42:39 [safe_blank:5] Activations changed: static=[mksafe:dummy:dummy], dynamic=[mksafe:dummy:dummy].
2023/05/14 15:43:04 [harbor:2] Failed to accept new client: SSL accept() error: error:00000000:lib(0):func(0):reason(0)

ss -tapn | grep CLOSE

CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:53518 users:(("liquidsoap",pid=7281,fd=21))
CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:53530 users:(("liquidsoap",pid=7281,fd=22))
CLOSE-WAIT 0      0          127.0.0.1:8005     127.0.0.1:34556 users:(("liquidsoap",pid=7281,fd=19))

Config

settings.log.level := 6

ssl_transport = http.transport.ssl(
  certificate="cert.pem",
  key="key.pem",
)

live = input.harbor(
  "live",
  transport=ssl_transport,
  port=8005,
  password="test",
  icy=true,
)
output.dummy(mksafe(live))

If I change the rights, then server will shutdown after a bunch of errors.

Log

INFO: Loading Sdl_image, Target = linux
INFO: Loading Sdl_ttf, Target = linux
2023/05/14 15:50:14 >>> LOG START
2023/05/14 15:50:07 [main:3] Liquidsoap 2.2.0+git@4af8db175
2023/05/14 15:50:07 [main:3] Using: alsa=0.3.0 angstrom=0.15.0 ao=0.2.4 asetmap=0.8.1 asn1-combinators=0.2.6 astring=0.8.5 base.caml=v0.15.1 base64=3.5.1 bigarray=[distributed with OCaml] bigarray-compat=1.1.0 bigstringaf=0.9.1 bjack=0.1.6 bos=0.2.1 bytes=[distributed with OCaml] ca-certs=v0.2.3 camlimages.all_formats=4.2.6 camlimages.core=5.0.4 camlimages.exif=5.0.4 camlimages.gif=5.0.4 camlimages.jpeg=5.0.4 camlimages.png=5.0.4 camlimages.tiff=5.0.4 camlimages.xpm=5.0.4 camlp-streams camomile=d3773ec camomile.lib=d3773ec cohttp=5.1.0 cohttp-lwt=5.1.0 cohttp-lwt-unix=5.1.0 conduit=6.2.0 conduit-lwt=6.2.0 conduit-lwt-unix=6.2.0 cry=1.0.0 cstruct=6.2.0 ctypes=0.20.2 ctypes.foreign=0.20.2 ctypes.stubs=0.20.2 curl=0.9.2 domain-name=0.4.0 dssi=0.1.5 dtools=0.4.5 dune-build-info=3.7.1 dune-private-libs.dune-section=3.7.1 dune-site=3.7.1 dune-site.private=3.7.1 duppy=0.9.3 eqaf=0.9 eqaf.bigstring=0.9 eqaf.cstruct=0.9 faad=0.5.2 fdkaac=0.3.3 ffmpeg-av=1.1.8 ffmpeg-avcodec=1.1.8 ffmpeg-avdevice=1.1.8 ffmpeg-avfilter=1.1.8 ffmpeg-avutil=1.1.8 ffmpeg-swresample=1.1.8 ffmpeg-swscale=1.1.8 fileutils=0.6.4 flac=0.4.0 flac.decoder=0.4.0 flac.ogg=0.4.0 fmt=0.9.0 fpath=0.7.3 frei0r=0.1.2 gd=1.0a5 gen=1.1 gmap=0.3.0 hkdf=1.0.4 inotify=2.4.1 integers ipaddr=5.5.0 ipaddr-sexp=5.5.0 ipaddr.unix=5.5.0 irc-client irc-client-unix ladspa=0.2.2 lame=0.3.7 lastfm=0.3.3 lilv=0.1.0 liquidsoap-lang=2.2.0 liquidsoap-lang.console=2.2.0 liquidsoap_alsa=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ao=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_bjack=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_builtins=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_camlimages=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_core=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_dssi=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_faad=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_fdkaac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ffmpeg=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_flac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_frei0r=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_gd=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_irc=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ladspa=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lame=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lastfm=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lilv=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_lo=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_mad=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_magic=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_mem_usage=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_memtrace=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ogg=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ogg_flac=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_optionals=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_opus=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_osc=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_oss=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_portaudio=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_posix_time=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_prometheus=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_pulseaudio=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_runtime=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_samplerate=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_sdl=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_shine=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_soundtouch=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_speex=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_srt=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_ssl=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_stereotool=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_taglib=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_theora=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_tls=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_vorbis=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_xmlplaylist=rolling-release-v2.2.x-54-g4af8db1 liquidsoap_yaml=rolling-release-v2.2.x-54-g4af8db1 lo=0.2.0 logs=0.7.0 logs.fmt=0.7.0 logs.lwt=0.7.0 lwt=5.6.1 lwt.unix=5.6.1 macaddr=5.5.0 mad=0.5.3 magic=0.7.3 magic-mime=1.3.0 mem_usage=0.0.4 memtrace=0.2.3 menhirLib=20220210 metadata=0.2.0 mirage-crypto=0.11.1 mirage-crypto-ec=0.11.1 mirage-crypto-pk=0.11.1 mirage-crypto-rng=0.11.1 mirage-crypto-rng.unix=0.11.1 mm=0.8.3 mm.audio=0.8.3 mm.base=0.8.3 mm.image=0.8.3 mm.midi=0.8.3 mm.video=0.8.3 ocplib-endian ocplib-endian.bigstring ogg=0.7.4 ogg.decoder=0.7.4 opus=0.2.3 opus.decoder=0.2.3 osc osc-unix parsexp=v0.15.0 pbkdf pcre=7.5.0 portaudio=0.2.3 posix-base=65ec333 posix-socket=65ec333 posix-socket.constants=65ec333 posix-socket.stubs=65ec333 posix-socket.types=65ec333 posix-time2=65ec333 posix-time2.constants=65ec333 posix-time2.stubs=65ec333 posix-time2.types=65ec333 posix-types=65ec333 posix-types.constants=65ec333 ppx_sexp_conv.runtime-lib=v0.15.0 prometheus=1.2 prometheus-app=1.2 ptime=1.1.0 ptime.clock.os=1.1.0 pulseaudio=0.1.6 re=1.10.4 result=1.5 rresult=0.7.0 samplerate=0.1.6 sedlex=3.1 seq=[distributed with OCaml 4.07 or above] sexplib=v0.15.1 sexplib0=v0.15.0 shine=0.2.3 soundtouch=0.1.9 speex=0.4.2 speex.decoder=0.4.2 srt=0.3.0 srt.constants=0.3.0 srt.stubs=0.3.0 srt.stubs.locked=0.3.0 srt.types=0.3.0 ssl=0.5.13 stdlib-shims=0.3.0 stereotool=rolling-release-v2.2.x-54-g4af8db1 str=[distributed with OCaml] stringext=1.6.0 taglib=0.3.10 theora=0.4.1 theora.decoder=0.4.1 threads=[distributed with OCaml] threads.posix=[distributed with OCaml] tls=0.17.0 tsdl=v1.0.0 tsdl-image=0.5 tsdl-ttf=0.5 unix=[distributed with OCaml] unix-errno=0.6.2 unix-errno.errno_bindings=0.6.2 unix-errno.errno_types=0.6.2 unix-errno.errno_types_detected=0.6.2 unix-errno.unix=0.6.2 uri=4.2.0 uri-sexp=4.2.0 uri.services=4.2.0 vorbis=0.8.1 vorbis.decoder=0.8.1 x509=0.16.4 xmlm=1.4.0 xmlplaylist=0.1.5 yaml=3.1.0 yaml.bindings=3.1.0 yaml.bindings.types=3.1.0 yaml.c=3.1.0 yaml.ffi=3.1.0 yaml.types=3.1.0 zarith=1.12
2023/05/14 15:50:07 [clock:3] Using native (high-precision) implementation for latency control
2023/05/14 15:50:14 [main:3] Standard library loaded in 7.15 seconds.
2023/05/14 15:50:14 [frame:4] frame.audio.samplerate set to: 44100
2023/05/14 15:50:14 [frame:4] frame.video.framerate set to: 25
2023/05/14 15:50:14 [frame:4] frame.audio.channels set to: 2
2023/05/14 15:50:14 [frame:4] frame.video.default set to: false
2023/05/14 15:50:14 [frame:4] frame.midi.channels set to: 0
2023/05/14 15:50:14 [frame:4] frame.video.width set to: 1280
2023/05/14 15:50:14 [frame:4] frame.video.height set to: 720
2023/05/14 15:50:14 [frame:4] frame.audio.samplerate set to: 44100
2023/05/14 15:50:14 [frame:3] Using 44100Hz audio, 25Hz video, 44100Hz main.
2023/05/14 15:50:14 [frame:3] Video frame size set to: 1280x720
2023/05/14 15:50:14 [frame:3] Frame size must be a multiple of 1764 ticks = 1764 audio samples = 1 video samples.
2023/05/14 15:50:14 [frame:3] Targeting 'frame.duration': 0.04s = 1764 audio samples = 1764 ticks.
2023/05/14 15:50:14 [frame:3] Frames last 0.04s = 1764 audio samples = 1 video samples = 1764 ticks.
2023/05/14 15:50:14 [sandbox:3] Sandboxing disabled
2023/05/14 15:50:14 [startup:3] DSSI plugins registration: 0.00s
2023/05/14 15:50:14 [startup:3] FFmpeg filters registration: 0.02s
2023/05/14 15:50:14 [startup:3] FFmpeg bitstream filters registration: 0.00s
2023/05/14 15:50:14 [startup:3] Lilv plugins registration: 0.00s
2023/05/14 15:50:14 [startup:3] Frei0r plugin registration: 0.00s
2023/05/14 15:50:14 [startup:3] LADSPA plugins registration: 0.00s
2023/05/14 15:50:14 [startup:3] Typechecking: 6.96s
2023/05/14 15:50:14 [startup:3] Evaluation: 0.02s
2023/05/14 15:50:14 [startup:3] Typechecking: 0.03s
2023/05/14 15:50:14 [startup:3] Evaluation: 0.00s
2023/05/14 15:50:14 [startup:3] Typechecking: 0.01s
2023/05/14 15:50:14 [startup:3] Evaluation: 0.00s
2023/05/14 15:50:14 [startup:3] Loaded 1.liq: 0.01s
2023/05/14 15:50:14 [video.converter:3] Using preferred video converter: ffmpeg.
2023/05/14 15:50:14 [audio.converter:3] Using samplerate converter: libsamplerate.
2023/05/14 15:50:14 [lifecycle:5] At stage: "Liquidsoap application start"
2023/05/14 15:50:14 [clock:4] Currently 1 clock(s) allocated.
2023/05/14 15:50:14 [clock.main:4] Starting 2 source(s)...
2023/05/14 15:50:14 [input.harbor_0:5] Assigning source content type for frame type: something that is a set of internal tracks
2023/05/14 15:50:14 [input.harbor_0:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:50:14 [source:4] Source input.harbor_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:50:14 [input.harbor_0:5] Clock is main[].
2023/05/14 15:50:14 [input.harbor_0:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:50:14 [harbor:4] Opening port 8005 with icy = false
2023/05/14 15:50:14 [clock.main:2] Error when starting input.harbor_0: SSL: Privte key error: error:0200100D:system library:fopen:Permission denied!
2023/05/14 15:50:14 [clock.main:4] Raised by primitive operation at Builtins_ssl.server in file "src/core/builtins/builtins_ssl.ml", line 58, characters 4-57
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.open_port in file "src/core/harbor/harbor.ml", line 1007, characters 17-33
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.get_handler in file "src/core/harbor/harbor.ml", line 1128, characters 17-53
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.add_source in file "src/core/harbor/harbor.ml", line 1141, characters 20-57
2023/05/14 15:50:14 [clock.main:4] Called from Source.operator#get_ready in file "src/core/source.ml", line 514, characters 8-31
2023/05/14 15:50:14 [clock.main:4] Called from Clock.MkClock.clock#start_outputs.(fun) in file "src/core/clock.ml", line 370, characters 18-45
2023/05/14 15:50:14 [clock.main:4] 
2023/05/14 15:50:14 [input.harbor_0:5] Activations changed: static=[], dynamic=[].
2023/05/14 15:50:14 [input.harbor_0:5] Enabling caching mode: active source.
2023/05/14 15:50:14 [source:4] Source input.harbor_0 gets down.
2023/05/14 15:50:14 [clock:2] Error when leaving output input.harbor_0: Not_found!
2023/05/14 15:50:14 [clock:4] Raised at Stdlib__Hashtbl.find in file "hashtbl.ml", line 539, characters 13-28
2023/05/14 15:50:14 [clock:4] Called from Harbor.Make.remove_source in file "src/core/harbor/harbor.ml", line 1152, characters 30-60
2023/05/14 15:50:14 [clock:4] Called from Source.operator#leave in file "src/core/source.ml", line 557, characters 8-18
2023/05/14 15:50:14 [clock:4] Called from Clock.leave in file "src/core/clock.ml", line 104, characters 6-44
2023/05/14 15:50:14 [clock:4] 
2023/05/14 15:50:14 [output.dummy_0:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/14 15:50:14 [output.dummy_0:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:50:14 [source:4] Source output.dummy_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:50:14 [dummy:5] Clock is main[].
2023/05/14 15:50:14 [dummy:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:50:14 [mksafe:5] Assigning source content type for frame type: {audio : pcm(stereo)}
2023/05/14 15:50:14 [mksafe:5] Content type: {audio=pcm(stereo)}
2023/05/14 15:50:14 [source:4] Source mksafe gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:50:14 [source:4] Source input.harbor_0 gets up with content type: {audio=pcm(stereo)}.
2023/05/14 15:50:14 [input.harbor_0:5] Clock is main[].
2023/05/14 15:50:14 [input.harbor_0:3] Content type is {audio=pcm(stereo)}.
2023/05/14 15:50:14 [harbor:4] Opening port 8005 with icy = false
2023/05/14 15:50:14 [clock.main:2] Error when starting dummy: SSL: Privte key error: error:0200100D:system library:fopen:Permission denied!
2023/05/14 15:50:14 [clock.main:4] Raised by primitive operation at Builtins_ssl.server in file "src/core/builtins/builtins_ssl.ml", line 58, characters 4-57
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.open_port in file "src/core/harbor/harbor.ml", line 1007, characters 17-33
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.get_handler in file "src/core/harbor/harbor.ml", line 1128, characters 17-53
2023/05/14 15:50:14 [clock.main:4] Called from Harbor.Make.add_source in file "src/core/harbor/harbor.ml", line 1141, characters 20-57
2023/05/14 15:50:14 [clock.main:4] Called from Source.operator#get_ready in file "src/core/source.ml", line 514, characters 8-31
2023/05/14 15:50:14 [clock.main:4] Called from Switch.switch#wake_up.(fun) in file "src/core/operators/switch.ml", line 114, characters 10-46
2023/05/14 15:50:14 [clock.main:4] Called from Stdlib__List.iter in file "list.ml", line 110, characters 12-15
2023/05/14 15:50:14 [clock.main:4] Called from Source.operator#get_ready in file "src/core/source.ml", line 514, characters 8-31
2023/05/14 15:50:14 [clock.main:4] Called from Output.output#wake_up in file "src/core/outputs/output.ml", line 122, characters 6-57
2023/05/14 15:50:14 [clock.main:4] Called from Source.operator#get_ready in file "src/core/source.ml", line 514, characters 8-31
2023/05/14 15:50:14 [clock.main:4] Called from Clock.MkClock.clock#start_outputs.(fun) in file "src/core/clock.ml", line 370, characters 18-45
2023/05/14 15:50:14 [clock.main:4] 
2023/05/14 15:50:14 [dummy:5] Activations changed: static=[], dynamic=[].
2023/05/14 15:50:14 [dummy:5] Enabling caching mode: active source.
2023/05/14 15:50:14 [source:4] Source dummy gets down.
2023/05/14 15:50:14 [mksafe:5] Activations changed: static=[], dynamic=[].
2023/05/14 15:50:14 [source:4] Source mksafe gets down.
2023/05/14 15:50:14 [input.harbor_0:5] Activations changed: static=[], dynamic=[].
2023/05/14 15:50:14 [source:4] Source input.harbor_0 gets down.
2023/05/14 15:50:14 [clock:2] Error when leaving output dummy: Not_found!
2023/05/14 15:50:14 [clock:4] Raised at Stdlib__Hashtbl.find in file "hashtbl.ml", line 539, characters 13-28
2023/05/14 15:50:14 [clock:4] Called from Harbor.Make.remove_source in file "src/core/harbor/harbor.ml", line 1152, characters 30-60
2023/05/14 15:50:14 [clock:4] Called from Source.operator#leave in file "src/core/source.ml", line 557, characters 8-18
2023/05/14 15:50:14 [clock:4] Called from Switch.switch#sleep.(fun) in file "src/core/operators/switch.ml", line 123, characters 10-48
2023/05/14 15:50:14 [clock:4] Called from Stdlib__List.iter in file "list.ml", line 110, characters 12-15
2023/05/14 15:50:14 [clock:4] Called from Switch.switch#sleep in file "src/core/operators/switch.ml", line 121, characters 6-239
2023/05/14 15:50:14 [clock:4] Called from Source.operator#leave in file "src/core/source.ml", line 557, characters 8-18
2023/05/14 15:50:14 [clock:4] Called from Source.operator#leave in file "src/core/source.ml", line 557, characters 8-18
2023/05/14 15:50:14 [clock:4] Called from Clock.leave in file "src/core/clock.ml", line 104, characters 6-44
2023/05/14 15:50:14 [clock:4] 
2023/05/14 15:50:14 [clock:4] Main phase starts.
2023/05/14 15:50:14 [threads:4] Created thread "generic queue #1" (1 total).
2023/05/14 15:50:14 [threads:4] Created thread "generic queue #2" (2 total).
2023/05/14 15:50:14 [threads:4] Created thread "non-blocking queue #1" (3 total).
2023/05/14 15:50:14 [threads:4] Created thread "non-blocking queue #2" (4 total).
2023/05/14 15:50:14 [video.text:3] Using sdl implementation
2023/05/14 15:50:14 [main:3] Shutdown started!
2023/05/14 15:50:14 [lifecycle:5] At stage: "Liquidsoap core shutdown"
2023/05/14 15:50:14 [main:3] Waiting for main threads to terminate...
2023/05/14 15:50:14 [main:3] Main threads terminated.
2023/05/14 15:50:14 [lifecycle:5] At stage: "Liquidsoap scheduler shutdown"
2023/05/14 15:50:14 [threads:3] Shutting down scheduler...
2023/05/14 15:50:14 [threads:4] Thread "generic queue #1" terminated (3 remaining).
2023/05/14 15:50:14 [threads:4] Thread "non-blocking queue #2" terminated (2 remaining).
2023/05/14 15:50:14 [threads:4] Thread "generic queue #2" terminated (1 remaining).
2023/05/14 15:50:14 [threads:4] Thread "non-blocking queue #1" terminated (0 remaining).
2023/05/14 15:50:14 [threads:3] Scheduler shut down.
2023/05/14 15:50:14 [lifecycle:5] At stage: "Liquidsoap final cleanup"
2023/05/14 15:50:14 [main:3] Cleaning downloaded files...
2023/05/14 15:50:14 [main:3] Freeing memory...

[toots]

Thanks for insisting @vitoyucepi This is confirmed fixed in 57d4897 and in the latest rolling-release-v2.2.x