On Mon, Jan 11, 2010 at 12:28 PM, Joachim Bauch <[email protected]> wrote: > Hello, > > I have a SSL-aware server using libevent 2.0.3. For most clients > that are disconnecting, "be_openssl_eventcb" is called with an event > of "BEV_EVENT_EOF", triggering a "BEV_EVENT_ERROR" in my application > callback due to "allow_dirty_shutdown" being empty. > > There seems to be no way to set this flag from anywhere (application > or inside libevent), is this intentional or just a missing feature?
At this point, I don't recall whether I started adding that feature and didn't finish, or started removing it and didn't finish. :/ The SSL clean-shutdown protocol exists so that you can tell the difference between the other side closing the connection correctly, and an attacker forcing the connection to close. For some protocols (like ones that use a close to indicate the end of a data object) this can matter, since otherwise you have no way to tell whether the other side meant to stop sending you data, or whether it got cut off. If you've got one of those protocols, treating a broken connection the same way as a closed connection is a big security hole. You might as well downgrade to SSL2. ;) On the other hand, there should be _some_ way of detecting and reporting a dirty shutdown more detectable. Instead of having an allow_dirty_shutdown flag, maybe there should be a got_dirty_shutdown flag that the user can check when getting an SSL error. (There doesn't seem to be a particular OpenSSL error that gets set in this case, so I don't expect that calling bufferevent_get_openssl_error would do any good.) hth, -- Nick *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe libevent-users in the body.
