[
https://issues.apache.org/jira/browse/TS-4412?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15275163#comment-15275163
]
Oknet Xu commented on TS-4412:
------------------------------
There is no difference between 6.0.x and master branch in {{ssl_read_from_net}}
but clang-format.
The issue is that {{ssl_read_from_net}} is different from {{read_from_net}}.
The {{read_from_net}} only {{read}} VIO->ntodo() bytes, please check the code
below.
{code}
static void
read_from_net(NetHandler *nh, UnixNetVConnection *vc, EThread *thread)
{
NetState *s = &vc->read;
ProxyMutex *mutex = thread->mutex;
int64_t r = 0;
.
.
.
MIOBufferAccessor &buf = s->vio.buffer;
ink_assert(buf.writer());
// if there is nothing to do, disable connection
int64_t ntodo = s->vio.ntodo();
if (ntodo <= 0) {
read_disable(nh, vc);
return;
}
int64_t toread = buf.writer()->write_avail();
if (toread > ntodo)
toread = ntodo;
.
.
.
}
{code}
But the {{ssl_read_from_net}} did not depend on VIO->ntodo(), It is always full
fill the MIOBuffer.
{code}
static int
ssl_read_from_net(SSLNetVConnection *sslvc, EThread *lthread, int64_t &ret)
{
NetState *s = &sslvc->read;
MIOBufferAccessor &buf = s->vio.buffer;
IOBufferBlock *b = buf.writer()->first_write_block();
int event = SSL_READ_ERROR_NONE;
int64_t bytes_read = 0;
int64_t block_write_avail = 0;
ssl_error_t sslErr = SSL_ERROR_NONE;
int64_t nread = 0;
bool trace = sslvc->getSSLTrace();
Debug("ssl", "trace=%s", trace ? "TRUE" : "FALSE");
for (bytes_read = 0; (b != 0) && (sslErr == SSL_ERROR_NONE); b = b->next) {
block_write_avail = b->write_avail();
Debug("ssl", "[SSL_NetVConnection::ssl_read_from_net] b->write_avail()=%"
PRId64, block_write_avail);
int64_t offset = 0;
// while can be replaced with if - need to test what works faster with
openssl
while (block_write_avail > 0) {
sslErr = SSLReadBuffer(sslvc->ssl, b->end() + offset, block_write_avail,
nread);
.
.
.
}
{code}
the Error Status maybe be overwrited by READ_READY/COMPLETE If VIO->ntodo()
less than write_avail().
> event overwrited by SSL_READ_READY / COMPLETE in ssl_read_from_net
> ------------------------------------------------------------------
>
> Key: TS-4412
> URL: https://issues.apache.org/jira/browse/TS-4412
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Oknet Xu
> Fix For: 7.0.0
>
>
> the {{ssl_read_from_net}} read data from socket and saved into MIOBuffer.
> It was designed to fill the MIOBuffer as much as possible, even execeed the
> VIO {{nbytes}} setting.
> It will try to call {{SSLReadBuffer}} again and again until the MIOBuffer is
> full or an error returned from {{SSLReadBuffer}}. The {{event}} will be set
> to a error status if an error returned from {{SSLReadBuffer}}.
> But at the end of {{ssl_read_from_net}}, the {{event}} will be overwrited to
> SSL_READ_READY or SSL_READ_COMPLETE depend on {{vio.ntodo()}} if this is one
> success at least in {{SSLReadBuffer}} before an error.
> For example:
> The {{SSLNetVConnection::net_read_io}} could not get SSL_READ_EOS from
> {{ssl_read_from_net}} and can not close the SSLNetVConnection immediately.
> Because The {{event}} SSL_READ_EOS is overwrited.
> The SSLNetVConnection will be closed by timeout.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
