You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Benjamin Mahler (JIRA)" <ji...@apache.org> on 2016/08/02 21:52:20 UTC

[jira] [Updated] (MESOS-5913) Stale socket FD usage when using libevent + SSL.

     [ https://issues.apache.org/jira/browse/MESOS-5913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benjamin Mahler updated MESOS-5913:
-----------------------------------
    Fix Version/s: 0.28.3

> Stale socket FD usage when using libevent + SSL.
> ------------------------------------------------
>
>                 Key: MESOS-5913
>                 URL: https://issues.apache.org/jira/browse/MESOS-5913
>             Project: Mesos
>          Issue Type: Bug
>          Components: libprocess
>            Reporter: Benjamin Mahler
>            Assignee: Benjamin Mahler
>            Priority: Blocker
>             Fix For: 0.28.3, 1.0.1
>
>
> [~jgehrcke] reported seeing garbage data being sent on sockets when hitting the master or agents with a lot of HTTP requests.
> I was able to reproduce this locally by running HTTP requests while hammering the code with HTTPS requests.
> Looking at the code, it appears that accepted SSL sockets may be used after they are closed (see [here|https://github.com/apache/mesos/blob/dbc5a19149655cde2b76dca4af73c4a7b22529dd/3rdparty/libprocess/src/libevent_ssl_socket.cpp#L94-L156]).
> This code may call {{SSL_shutdown}} after {{Socket::~Impl}} closes the fd. This means that if the fd is re-used, we may accidentally write a TLS Alert message to the re-used fd.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)