This is an automated email from the ASF dual-hosted git repository. awong pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/kudu.git
commit bedc701f28d57414a5ef10b1947cc149b8d3240d Author: Will Berkeley <[email protected]> AuthorDate: Thu Mar 14 16:15:21 2019 -0700 Check result status of Socket::GetPeerAddress in TlsSocket::Recv Previously, the result of this call wasn't checked, which could lead to, for example, printing out nonsensical and misleading remote addresses, e.g. Network error: BlockingRecv error: failed to read from TLS socket (remote: 0.0.0.0:0): Connection reset by peer (error 104) This patch checks the result status and uses "unknown" for the peer address when it can't be obtained from getpeername: Network error: BlockingRecv error: failed to read from TLS socket (remote: unknown): Connection reset by peer (error 104) Change-Id: Ibd43f30ad11f192463d697f570a997b7e41c7088 Reviewed-on: http://gerrit.cloudera.org:8080/12760 Reviewed-by: Alexey Serbin <[email protected]> Tested-by: Kudu Jenkins Reviewed-by: Adar Dembo <[email protected]> --- src/kudu/security/tls_socket.cc | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/kudu/security/tls_socket.cc b/src/kudu/security/tls_socket.cc index 355f04b..a586315 100644 --- a/src/kudu/security/tls_socket.cc +++ b/src/kudu/security/tls_socket.cc @@ -33,6 +33,9 @@ #include "kudu/util/net/sockaddr.h" #include "kudu/util/net/socket.h" +using std::string; +using strings::Substitute; + namespace kudu { namespace security { 
@@ -114,9 +117,10 @@ Status TlsSocket::Recv(uint8_t *buf, int32_t amt, int32_t *nread) { int save_errno = errno; if (bytes_read <= 0) { Sockaddr remote; - Socket::GetPeerAddress(&remote); - std::string kErrString = strings::Substitute("failed to read from TLS socket (remote: $0)", - remote.ToString()); + Status s = GetPeerAddress(&remote); + const string remote_str = s.ok() ? remote.ToString() : "unknown"; + string kErrString = Substitute("failed to read from TLS socket (remote: $0)", + remote_str); if (bytes_read == 0 && SSL_get_shutdown(ssl_.get()) == SSL_RECEIVED_SHUTDOWN) { return Status::NetworkError(kErrString, ErrnoToString(ESHUTDOWN), ESHUTDOWN); @@ -124,7 +128,7 @@ Status TlsSocket::Recv(uint8_t *buf, int32_t amt, int32_t *nread) { auto error_code = SSL_get_error(ssl_.get(), bytes_read); if (error_code == SSL_ERROR_WANT_READ) { if (save_errno != 0) { - return Status::NetworkError("SSL_read error from " + remote.ToString(), + return Status::NetworkError("SSL_read error from " + remote_str, ErrnoToString(save_errno), save_errno); } // Nothing available to read yet.
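Review bot: The failed `GetPeerAddress` status `s` is only tested with `ok()` and then dropped, so a log line carrying `remote: unknown` gives no hint why the peer lookup failed (for example, a socket that is no longer connected), which makes these resets harder to correlate during triage. Consider keeping the reason in the message, e.g. `const string remote_str = s.ok() ? remote.ToString() : Substitute("unknown ($0)", s.ToString());`. While the line is being touched, `kErrString` is a mutable local with a constant-style `k` prefix; `const string err_string` would describe it more accurately. The body of `TlsSocket::Recv` starts and ends outside this hunk.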
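Review bot: The `SSL_ERROR_WANT_READ` branch with `save_errno == 0` falls through to the `// Nothing available to read yet.` path without using `remote_str` or `kErrString`, yet both are built earlier in the function for every `bytes_read <= 0`, so each would-block read appears to pay for a peer-address lookup and a `Substitute` call. Building the peer string only on the branches that actually return an error would avoid that work on the benign path; a comment such as `// Peer address is only needed for the error returns below.` at the point of use would make the intent clear. The rest of this branch lies outside the hunk, so what it returns on the would-block path cannot be confirmed from here.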
