You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Benjamin Mahler (JIRA)" <ji...@apache.org> on 2016/08/02 21:52:20 UTC
[jira] [Updated] (MESOS-5913) Stale socket FD usage when using
libevent + SSL.
[ https://issues.apache.org/jira/browse/MESOS-5913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benjamin Mahler updated MESOS-5913:
-----------------------------------
Fix Version/s: 0.28.3
> Stale socket FD usage when using libevent + SSL.
> ------------------------------------------------
>
> Key: MESOS-5913
> URL: https://issues.apache.org/jira/browse/MESOS-5913
> Project: Mesos
> Issue Type: Bug
> Components: libprocess
> Reporter: Benjamin Mahler
> Assignee: Benjamin Mahler
> Priority: Blocker
> Fix For: 0.28.3, 1.0.1
>
>
> [~jgehrcke] reported seeing garbage data being sent on sockets when hitting the master or agents with a lot of HTTP requests.
> I was able to reproduce this locally by running HTTP requests while hammering the code with HTTPS requests.
> Looking at the code, it appears that accepted SSL sockets may be used after they are closed (see [here|https://github.com/apache/mesos/blob/dbc5a19149655cde2b76dca4af73c4a7b22529dd/3rdparty/libprocess/src/libevent_ssl_socket.cpp#L94-L156]).
> This code may call {{SSL_shutdown}} after {{Socket::~Impl}} closes the fd. This means that if the fd is re-used, we may accidentally write a TLS Alert message to the re-used fd.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)