This is an automated email from the ASF dual-hosted git repository.
yiguolei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 7ecb49fe30f [thirdparty](patch)fix brpc core when enable ssl (#55649)
7ecb49fe30f is described below
commit 7ecb49fe30f9dcdbbc7ed096cce3140dc1c24ba8
Author: koarz <[email protected]>
AuthorDate: Fri Sep 5 09:17:45 2025 +0800
[thirdparty](patch)fix brpc core when enable ssl (#55649)
https://github.com/apache/brpc/issues/2166
https://github.com/apache/brpc/pull/2180
---
.../brpc-1.6.0-fix-core-when-enable-SSL.patch | 70 ++++++++++++++++++++++
1 file changed, 70 insertions(+)
diff --git a/thirdparty/patches/brpc-1.6.0-fix-core-when-enable-SSL.patch
b/thirdparty/patches/brpc-1.6.0-fix-core-when-enable-SSL.patch
new file mode 100644
index 00000000000..39cc995ead5
--- /dev/null
+++ b/thirdparty/patches/brpc-1.6.0-fix-core-when-enable-SSL.patch
@@ -0,0 +1,70 @@
+From b4fecace384951638e0d092629e7ac922e9b609d Mon Sep 17 00:00:00 2001
+From: warriorpaw <[email protected]>
+Date: Sun, 25 Jun 2023 14:29:06 +0800
+Subject: [PATCH] fix core when enable SSL (#2180)
+
+---
+ src/brpc/socket.cpp | 15 ++++++++++++---
+ src/brpc/socket.h | 3 +++
+ 2 files changed, 15 insertions(+), 3 deletions(-)
+
+diff --git a/src/brpc/socket.cpp b/src/brpc/socket.cpp
+index 259e09ca..e0a69422 100644
+--- a/src/brpc/socket.cpp
++++ b/src/brpc/socket.cpp
+@@ -1569,6 +1569,7 @@ X509* Socket::GetPeerCertificate() const {
+ if (ssl_state() != SSL_CONNECTED) {
+ return NULL;
+ }
++ BAIDU_SCOPED_LOCK(_ssl_session_mutex);
+ return SSL_get_peer_certificate(_ssl_session);
+ }
+
+@@ -1879,11 +1880,15 @@ ssize_t Socket::DoWrite(WriteRequest* req) {
+ CHECK_EQ(SSL_CONNECTED, ssl_state());
+ if (_conn) {
+ // TODO: Separate SSL stuff from SocketConnection
++ BAIDU_SCOPED_LOCK(_ssl_session_mutex);
+ return _conn->CutMessageIntoSSLChannel(_ssl_session, data_list,
ndata);
+ }
+ int ssl_error = 0;
+- ssize_t nw = butil::IOBuf::cut_multiple_into_SSL_channel(
+- _ssl_session, data_list, ndata, &ssl_error);
++ ssize_t nw = 0;
++ {
++ BAIDU_SCOPED_LOCK(_ssl_session_mutex);
++ nw = butil::IOBuf::cut_multiple_into_SSL_channel(_ssl_session,
data_list, ndata, &ssl_error);
++ }
+ switch (ssl_error) {
+ case SSL_ERROR_NONE:
+ break;
+@@ -2027,7 +2032,11 @@ ssize_t Socket::DoRead(size_t size_hint) {
+
+ CHECK_EQ(SSL_CONNECTED, ssl_state());
+ int ssl_error = 0;
+- ssize_t nr = _read_buf.append_from_SSL_channel(_ssl_session, &ssl_error,
size_hint);
++ ssize_t nr = 0;
++ {
++ BAIDU_SCOPED_LOCK(_ssl_session_mutex);
++ nr = _read_buf.append_from_SSL_channel(_ssl_session, &ssl_error,
size_hint);
++ }
+ switch (ssl_error) {
+ case SSL_ERROR_NONE: // `nr' > 0
+ break;
+diff --git a/src/brpc/socket.h b/src/brpc/socket.h
+index cc77168f..bd753f60 100644
+--- a/src/brpc/socket.h
++++ b/src/brpc/socket.h
+@@ -827,6 +827,9 @@ private:
+ AuthContext* _auth_context;
+
+ SSLState _ssl_state;
++ // SSL objects cannot be read and written at the same time.
++ // Use mutex to protect SSL objects when ssl_state is SSL_CONNECTED.
++ mutable butil::Mutex _ssl_session_mutex;
+ SSL* _ssl_session; // owner
+ std::shared_ptr<SocketSSLContext> _ssl_ctx;
+
+--
+2.50.1
+
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
