[jira] [Comment Edited] (TS-3667) SSL Handhake read does not correctly handle EOF and error cases

Wed, 22 Jul 2015 02:44:08 -0700 

    [ 
https://issues.apache.org/jira/browse/TS-3667?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636542#comment-14636542
 ] 

Oknet Xu edited comment on TS-3667 at 7/22/15 9:42 AM:
-------------------------------------------------------

this patch is also working for me but I'm prefer only {{if (retval == 0)}} 
section here.
Let SSL_Accept() to face other error status if retval < 0.

to replicate it, you can try {{plugins/experimental/ssl_cert_loader}}, the 
plugin load cert from file rather than my plugin load cert from mysql database.

sorry for my poor english, you are right, EAGAIN not means EOF, and may be some 
data will be send to client.

for SSL_accept(), it will call {{SSLUtils.cc::ssl_cert_callback}} or 
{{SSLUtils.cc::ssl_servername_callback}} to reenable the SSLVC during the ssl 
handshake process.


was (Author: oknet):
yes, the last simple patch is working for me.

to replicate it, you can try {{plugins/experimental/ssl_cert_loader}}, the 
plugin load cert from file rather than my plugin load cert from mysql database.

sorry for my poor english, you are right, EAGAIN not means EOF, and may be some 
data will send to client.

for SSL_accept(), it will call {{SSLUtils.cc::ssl_cert_callback}} or 
{{SSLUtils.cc::ssl_servername_callback}} to reenable the SSLVC during the ssl 
handshake process.

> SSL Handhake read does not correctly handle EOF and error cases
> ---------------------------------------------------------------
>
>                 Key: TS-3667
>                 URL: https://issues.apache.org/jira/browse/TS-3667
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: SSL
>    Affects Versions: 5.2.0, 5.3.0
>            Reporter: Susan Hinrichs
>            Assignee: Susan Hinrichs
>             Fix For: 5.3.1, 6.0.0
>
>         Attachments: ts-3667.diff
>
>
> Reported by [~esproul] and postwait.
> The return value of SSLNetVConnection::read_raw_data() is being ignored.  So 
> EOF and errors are not terminated, but rather spin until the inactivity 
> timeout is reached.  EAGAIN  is not being descheduled until more data is 
> available.
> This results in higher CPU utilization and hitting the SSL_error() function 
> much more than it needs to be hit.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to