#45808 [Asn]: stream_socket_enable_crypto() blocks and eats CPU

[garretts]

 ID:               45808
 Updated by:       garre...@php.net
 Reported By:      six at aegis-corp dot org
 Status:           Assigned
 Bug Type:         Streams related
 Operating System: Linux 2.6
 PHP Version:      5.3.0alpha1
 Assigned To:      pajoye
 New Comment:

FYI: 
I can't repro this on Windows with the build off the snaps' box (VC9
x86 Non Thread Safe (2009-Aug-18 16:00:00)). 

It: 
  blocks until connection using telnet[expected]
  doens't consume any CPU[expected]
  and returns 'bool(false)' [expected -- I assume the same as
'int(0)']
  and exits[expected]  

G


Previous Comments:
------------------------------------------------------------------------

[2008-10-30 11:03:57] xl269 at cam dot ac dot uk

just to confirm that this bug still exists in php5.3-200810292330

------------------------------------------------------------------------

[2008-09-25 17:59:37] singularity_control at rcpt dot at

This makes a serious security issue. It is a very effective DoS on
all single process PHP servers with SSL and a slightly less bad DoS on
multi-process PHP servers.

------------------------------------------------------------------------

[2008-09-25 16:07:31] nasam at mailvault dot com

Bug is in ext/openssl/xp_ssl.c
Function handle_ssl_error: (line 107)
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
       /* re-negotiation, or perhaps the SSL layer needs more
       * packets: retry in next iteration */
       errno = EAGAIN;
       retry = is_init ? 1 : sslsock->s.is_blocked; //BUG
       break;

it sets retry to 1 in php_openssl_enable_crypto no matter if socket is
blocking or not.

------------------------------------------------------------------------

[2008-09-25 10:06:09] six at aegis-corp dot org

the bug is still present in php5.3-200809232030

------------------------------------------------------------------------

[2008-09-24 01:20:29] six at aegis-corp dot org

the bug is still present in php5.3-200809232030

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/45808

-- 
Edit this bug report at http://bugs.php.net/?id=45808&edit=1