Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/17190 )
Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN ...................................................................... [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN This patch clears error from thread's error queue on a failed SSL_read() call in case of SSL_RECEIVED_SHUTDOWN. Before this patch, the process would crash with SIGABRT on certain errors when exiting from the scope because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard. Overall, it's a good practice to check for an error after a call to SSL_read() and other calls which might add an entry into the thread's error queue: the code in TlsSocket::Recv() did so in almost all cases but not the one addressed by this patch. I didn't add a test to reproduce the crash. I saw the issue manifesting itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite sure it's worth adding such a scenario just to reproduce an obvious mistake in handling the results of the SSL_read() call. Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9 Reviewed-on: http://gerrit.cloudera.org:8080/17190 Tested-by: Kudu Jenkins Reviewed-by: Attila Bukor <[email protected]> --- M src/kudu/security/tls_socket.cc 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: Kudu Jenkins: Verified Attila Bukor: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/17190 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9 Gerrit-Change-Number: 17190 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120)
