Please do not reply to this email- if you want to comment on the bug, go to the URL shown below and enter your comments there.
Changed by [EMAIL PROTECTED] http://bugzilla.ximian.com/show_bug.cgi?id=78597 --- shadow/78597 2006-06-07 09:03:59.000000000 -0400 +++ shadow/78597.tmp.1821 2006-06-16 11:31:01.000000000 -0400 @@ -1,23 +1,23 @@ Bug#: 78597 Product: Mono: Class Libraries Version: 1.1 -OS: Windows XP +OS: All OS Details: -Status: NEEDINFO +Status: ASSIGNED Resolution: Severity: Unknown Priority: Normal Component: Mono.Security AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] QAContact: [EMAIL PROTECTED] TargetMilestone: --- URL: Cc: -Summary: NRE in SSL/NPGSQL +Summary: SSL re-negotiation failure with Postgres Description of Problem: "Object reference not set to an instance of an object." in Mono.Security.dll when loading large amounts of data with ssl+npgsql. Steps to reproduce the problem: @@ -91,6 +91,97 @@ between SSL and NPGSQL (like in the BufferedStream between them); - Execute your application (or test case) on Mono (at least on Windows and if possible on Linux) for both the 2.0 and the 1.1 profile - if it works then it would indicate that the code depends on a Mono-specific behaviour. + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-08 05:07 ------- +OK, Compiled with 2005. + +Issue occurs during connection renegotiation. + +ClientRecordProtocol.cs:line 81 +message = this.createServerHandshakeMessage(handshakeType, data); +//no null check here, createServerHandshakeMessage can return null +message.Process();<<== this is the line that causes the null reference +exception, but it is the renegotiation that fails. + +Are there renegotiation unit tests somewhere that I can test with? + +My Postgresql is running on +Linux 203-97-254-16 2.6.12-gentoo-r6 + +start of the related errors in data/postgresql.log +LOG: SSL SYSCALL error: Connection reset by peer +LOG: could not receive data from client: Connection reset by peer +LOG: unexpected EOF on client connection +LOG: SSL renegotiation failure +LOG: SSL error: ssl handshake failure +LOG: could not send data to client: Connection reset by peer +LOG: SSL error: ssl handshake failure +LOG: could not receive data from client: Connection reset by peer +LOG: unexpected EOF on client connection +LOG: SSL SYSCALL error: Connection reset by peer +LOG: could not send data to client: Connection reset by peer + + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-08 09:17 ------- +The createServerHandshakeMessage method sends an alert to warn the +server that it won't re-negotiate, then returns NULL. + +So, of course, line 81 will throw a NRE when asked to Process this +message. The message Update block is protected by a null check. + +Please try to add a null check before line 81, like: +message = this.createServerHandshakeMessage(handshakeType, data); +if (message != null) +{ + message.Process(); +} +to see if this fix the problem (it should fix the NRE, not sure how +postgress will react to a no-renegogiation warning). + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-09 11:28 ------- +The null check was added in SVN r61588. Please let me know if this +solve the problem completely - or if anything else fails after that. +Thanks + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-11 16:38 ------- +I get "server returned unknown error" where the type is 0. + +Is there any reason in particular why mono.security will not +renegotiate? Is it just missing the state-machine to handle it? + + + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-12 09:21 ------- +Hmmm... that doesn't tell much. Is that the exact and only text shown ? + +A type of 0 could be, if it's coming from an Alert message, a +close_notify, which could mean the server refuse to continue (after +receiving the no_renegotiation). However I don't have enough data to +be sure of that. Can you please attach an (compressed) ethereal trace +to the bug ? +Thanks + +Re-negotiation is not implemented because: +(a) it's a rare event, i.e. we don't have (even unpredictable) test +cases to replicate it and test it properly. Even your case doesn't fit +the "normal" case of a renegotiation; and +(b) it's very CPU intensive, i.e. it greatly affect performance. + + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-12 09:50 ------- +Looks like this is done on purpose, so it should be possible to build +a predictable test case +http://archives.postgresql.org/pgsql-interfaces/2003-04/msg00088.php +http://archives.postgresql.org/pgsql-patches/2003-04/msg00093.php + + +------- Additional Comments From [EMAIL PROTECTED] 2006-06-16 11:31 ------- +Ok, I'm setup to duplicate the issue (it takes about 5 minutes to +reach the negotiation point). + +It seems we're not sending the alert (and doing so doesn't fix the +issue) and it's obvious, from the NRE, that this case hasn't been tested. + _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
