Hello Attila Bukor, Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/17190
to look at the new patch set (#2).
Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................
[TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
This patch clears error from thread's error queue on a failed SSL_read()
call in case of SSL_RECEIVED_SHUTDOWN. Before this patch, the process
would crash with SIGABRT on certain errors when exiting from the scope
because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard. Overall, it's
a good practice to check for an error after a call to SSL_read() and
other calls which might add an entry into the thread's error queue:
the code in TlsSocket::Recv() did so in almost all cases but not the one
addressed by this patch.
I didn't add a test to reproduce the crash. I saw the issue manifesting
itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite
sure it's worth adding such a scenario just to reproduce an obvious
mistake in handling the results of the SSL_read() call.
Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
---
M src/kudu/security/tls_socket.cc
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/90/17190/2
--
To view, visit http://gerrit.cloudera.org:8080/17190
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Attila Bukor <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
