Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/17190
Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN ...................................................................... [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN This patch clears error from thread's error queue on a failed SSL_read() call in case of SSL_RECEIVED_SHUTDOWN. Before this patch, the process would crash with SIGABRT on certain errors when exiting from the scope because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard. Overall, it's a good practice to check for an error after a call to SSL_read() and other calls which might add an entry into the thread's error queue: the code in TlsSocket::Recv() did so in almost all cases but not the one addressed by this patch. I didn't add a test to reproduce the crash. I saw the issue manifesting itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite sure it's worth adding such a scenario just to reproduce an obvious mistake in handling the results of the SSL_read() call. Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9 --- M src/kudu/security/tls_socket.cc 1 file changed, 6 insertions(+), 1 deletion(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/90/17190/1 -- To view, visit http://gerrit.cloudera.org:8080/17190 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9 Gerrit-Change-Number: 17190 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]>
