[ 
https://issues.apache.org/jira/browse/MESOS-6621?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joseph Wu updated MESOS-6621:
-----------------------------
    Attachment: test_linkee.cpp
                test.patch

> SSL downgrade path will CHECK-fail when using both temporary and persistent 
> sockets
> -----------------------------------------------------------------------------------
>
>                 Key: MESOS-6621
>                 URL: https://issues.apache.org/jira/browse/MESOS-6621
>             Project: Mesos
>          Issue Type: Bug
>          Components: libprocess
>    Affects Versions: 1.0.2, 1.1.0
>         Environment: SSL with downgrade enabled
>            Reporter: Joseph Wu
>            Assignee: Joseph Wu
>            Priority: Critical
>              Labels: mesosphere
>         Attachments: test.patch, test_linkee.cpp
>
>
> The code path for downgrading sockets from SSL to non-SSL includes this code:
> {code}
>     // If this address is a temporary link.
>     if (temps.count(addresses[to_fd]) > 0) {
>       temps[addresses[to_fd]] = to_fd;
>       // No need to erase as we're changing the value, not the key.
>     }
>     // If this address is a persistent link.
>     if (persists.count(addresses[to_fd]) > 0) {
>       persists[addresses[to_fd]] = to_fd;
>       // No need to erase as we're changing the value, not the key.
>     }
> {code}
> https://github.com/apache/mesos/blob/1.1.x/3rdparty/libprocess/src/process.cpp#L2311-L2321
> It is possible for libprocess to hold both temporary and persistent sockets 
> to the same address.  This can happen when a message is first sent 
> ({{ProcessBase::send}}), and then a link is established 
> ({{ProcessBase::link}}).  When the target of the message/link is a non-SSL 
> socket, both temporary and persistent sockets go through the downgrade path.
> If a temporary socket is present while a persistent socket is being created, 
> the above code will remap both temporary and persistent sockets to the same 
> address (it should only remap the persistent socket).  This leads to some 
> CHECK failures if those sockets are used or closed later:
> * {code}
>     bool persist = persists.count(address) > 0;
>     bool temp = temps.count(address) > 0;
>     if (persist || temp) {
>       int s = persist ? persists[address] : temps[address];
>       CHECK(sockets.count(s) > 0);
>       socket = sockets.at(s);
> {code}
> https://github.com/apache/mesos/blob/1.1.x/3rdparty/libprocess/src/process.cpp#L1942
> * {code}
>         if (dispose.count(s) > 0) {
>           // This is either a temporary socket we created or it's a
>           // socket that we were receiving data from and possibly
>           // sending HTTP responses back on. Clean up either way.
>           if (addresses.count(s) > 0) {
>             const Address& address = addresses[s];
>             CHECK(temps.count(address) > 0 && temps[address] == s);
>             temps.erase(address);
> {code}
> https://github.com/apache/mesos/blob/1.1.x/3rdparty/libprocess/src/process.cpp#L2044



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
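
The remapping problem described in the issue, reduced to a small model. This is an added example, not libprocess code: SocketTable, its member names, the fd numbers and the address are assumptions, and the checked variant is only one possible way to remap just the socket that was downgraded.

```cpp
#include <iostream>
#include <map>
#include <string>

// Simplified model (assumption): fds are ints, addresses are strings.
struct SocketTable {
  std::map<int, std::string> addresses;  // fd -> peer address
  std::map<std::string, int> temps;      // address -> temporary fd
  std::map<std::string, int> persists;   // address -> persistent fd

  void add(int fd, const std::string& addr, bool persistent) {
    addresses[fd] = addr;
    (persistent ? persists : temps)[addr] = fd;
  }

  // Replace from_fd with to_fd after a downgrade. With checked == false this
  // follows the quoted snippet: any entry keyed by the address is rewritten.
  // With checked == true only the entry that held from_fd is rewritten.
  void downgrade(int from_fd, int to_fd, bool checked) {
    const std::string addr = addresses.at(from_fd);
    addresses.erase(from_fd);
    addresses[to_fd] = addr;
    auto t = temps.find(addr);
    if (t != temps.end() && (!checked || t->second == from_fd)) t->second = to_fd;
    auto p = persists.find(addr);
    if (p != persists.end() && (!checked || p->second == from_fd)) p->second = to_fd;
  }

  // Mirrors the condition in CHECK(temps.count(address) > 0 && temps[address] == s).
  bool temp_close_invariant(int s) const {
    auto t = temps.find(addresses.at(s));
    return t != temps.end() && t->second == s;
  }
};

// Constructed scenario: send() left temporary fd 3 open, then link() opens
// SSL fd 4 to the same address and downgrades it to plain fd 5.
bool temp_socket_still_consistent(bool checked) {
  SocketTable table;
  const std::string addr = "10.0.0.2:5051";  // constructed sample address
  table.add(3, addr, false);
  table.add(4, addr, true);
  table.downgrade(4, 5, checked);
  return table.temp_close_invariant(3) && table.persists.at(addr) == 5;
}

int main() {
  std::cout << "quoted remap:  " << temp_socket_still_consistent(false) << "\n";
  std::cout << "checked remap: " << temp_socket_still_consistent(true) << "\n";
}
```

With the quoted remap, the temporary entry ends up pointing at fd 5, so the condition checked when fd 3 is later disposed no longer holds.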
