Posted to reviews@kudu.apache.org by "Alexey Serbin (Code Review)" <ge...@cloudera.org> on 2021/03/16 07:08:57 UTC

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/17190 )


Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................

[TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

This patch clears error from thread's error queue on a failed SSL_read()
call in case of SSL_RECEIVED_SHUTDOWN.  Before this patch, the process
would crash with SIGABRT on certain errors when exiting from the scope
because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard.  Overall, it's
a good practice to check for an error after a call to SSL_read() and
other calls which might add an entry into the thread's error queue:
the code in TlsSocket::Recv() did so in almost all cases but not the one
addressed by this patch.

I didn't add a test to reproduce the crash.  I saw the issue manifesting
itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite
sure it's worth adding such a scenario just to reproduce an obvious
mistake in handling the results of the SSL_read() call.

Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
---
M src/kudu/security/tls_socket.cc
1 file changed, 6 insertions(+), 1 deletion(-)



  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/90/17190/1
-- 
To view, visit http://gerrit.cloudera.org:8080/17190
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
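
The failure mode the commit message above describes, as an added example that is not Kudu's code: a stand-in for OpenSSL's per-thread error queue plus a scope guard, so it runs without libssl. `NoPendingErrorsGuard`, `DrainErrors`, `FakeRead`, `RecvBefore`, `RecvAfter` and the error strings are hypothetical; the real guard aborts the process, while this model only counts violations.

```cpp
#include <deque>
#include <string>

// Model of the per-thread queue that failed OpenSSL calls push entries onto.
thread_local std::deque<std::string> g_err_queue;
thread_local int g_guard_violations = 0;  // stand-in for the SIGABRT

// Hypothetical RAII guard: the queue must be empty when the scope is left.
struct NoPendingErrorsGuard {
  ~NoPendingErrorsGuard() {
    if (!g_err_queue.empty()) { ++g_guard_violations; g_err_queue.clear(); }
  }
};

// Hypothetical helper: drain the queue into one message, leaving it empty.
std::string DrainErrors() {
  std::string out;
  while (!g_err_queue.empty()) {
    if (!out.empty()) out += "; ";
    out += g_err_queue.front();
    g_err_queue.pop_front();
  }
  return out;
}

// Simulated failed read: returns <= 0 and leaves a (constructed) queue entry.
int FakeRead(bool peer_shutdown) {
  g_err_queue.push_back(peer_shutdown ? "unexpected record during shutdown"
                                      : "bad record mac");
  return -1;
}

// Before: the shutdown branch returns without touching the queue.
std::string RecvBefore(bool peer_shutdown) {
  NoPendingErrorsGuard guard;
  if (FakeRead(peer_shutdown) <= 0) {
    if (peer_shutdown) return "shut down by remote end";
    return "failed to read: " + DrainErrors();
  }
  return "";
}

// After: every failure branch drains the queue before leaving the scope.
std::string RecvAfter(bool peer_shutdown) {
  NoPendingErrorsGuard guard;
  if (FakeRead(peer_shutdown) > 0) return "";
  const std::string errs = DrainErrors();
  return (peer_shutdown ? "shut down by remote end: " : "failed to read: ") + errs;
}
```

Draining in the shutdown branch also keeps the queued text in the returned message instead of discarding it.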

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Posted by "Attila Bukor (Code Review)" <ge...@cloudera.org>.
Attila Bukor has posted comments on this change. ( http://gerrit.cloudera.org:8080/17190 )

Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................


Patch Set 1:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/17190/1/src/kudu/security/tls_socket.cc
File src/kudu/security/tls_socket.cc:

http://gerrit.cloudera.org:8080/#/c/17190/1/src/kudu/security/tls_socket.cc@199
PS1, Line 199:         char buf[256];
Shouldn't we use GetSSLErrorDescription() instead of this? We use this elsewhere and it ultimately calls ERR_error_string_n() too when it runs into an unfamiliar error.




Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Tue, 16 Mar 2021 07:39:43 +0000
Gerrit-HasComments: Yes

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Posted by "Attila Bukor (Code Review)" <ge...@cloudera.org>.
Attila Bukor has posted comments on this change. ( http://gerrit.cloudera.org:8080/17190 )

Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................


Patch Set 2: Code-Review+2



Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Tue, 16 Mar 2021 15:43:27 +0000
Gerrit-HasComments: No

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/17190 )

Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................

[TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

This patch clears error from thread's error queue on a failed SSL_read()
call in case of SSL_RECEIVED_SHUTDOWN.  Before this patch, the process
would crash with SIGABRT on certain errors when exiting from the scope
because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard.  Overall, it's
a good practice to check for an error after a call to SSL_read() and
other calls which might add an entry into the thread's error queue:
the code in TlsSocket::Recv() did so in almost all cases but not the one
addressed by this patch.

I didn't add a test to reproduce the crash.  I saw the issue manifesting
itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite
sure it's worth adding such a scenario just to reproduce an obvious
mistake in handling the results of the SSL_read() call.

Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Reviewed-on: http://gerrit.cloudera.org:8080/17190
Tested-by: Kudu Jenkins
Reviewed-by: Attila Bukor <ab...@apache.org>
---
M src/kudu/security/tls_socket.cc
1 file changed, 1 insertion(+), 1 deletion(-)

Approvals:
  Kudu Jenkins: Verified
  Attila Bukor: Looks good to me, approved


Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17190 )

Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................


Patch Set 1:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/17190/1/src/kudu/security/tls_socket.cc
File src/kudu/security/tls_socket.cc:

http://gerrit.cloudera.org:8080/#/c/17190/1/src/kudu/security/tls_socket.cc@199
PS1, Line 199:         char buf[256];
> Shouldn't we use GetSSLErrorDescription() instead of this? We use this else
Good point: indeed, GetOpenSSLErrors() seems more appropriate here.




Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Tue, 16 Mar 2021 15:03:53 +0000
Gerrit-HasComments: Yes

[kudu-CR] [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Hello Attila Bukor, Kudu Jenkins, 

I'd like you to reexamine a change. Please visit

    http://gerrit.cloudera.org:8080/17190

to look at the new patch set (#2).

Change subject: [TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN
......................................................................

[TlsSocket] clear error queue in Recv on SSL_RECEIVED_SHUTDOWN

This patch clears error from thread's error queue on a failed SSL_read()
call in case of SSL_RECEIVED_SHUTDOWN.  Before this patch, the process
would crash with SIGABRT on certain errors when exiting from the scope
because of the SCOPED_OPENSSL_NO_PENDING_ERRORS guard.  Overall, it's
a good practice to check for an error after a call to SSL_read() and
other calls which might add an entry into the thread's error queue:
the code in TlsSocket::Recv() did so in almost all cases but not the one
addressed by this patch.

I didn't add a test to reproduce the crash.  I saw the issue manifesting
itself on an incorrect TLSv1.3 negotiation sequence, but I'm not quite
sure it's worth adding such a scenario just to reproduce an obvious
mistake in handling the results of the SSL_read() call.

Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
---
M src/kudu/security/tls_socket.cc
1 file changed, 1 insertion(+), 1 deletion(-)


  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/90/17190/2

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ie64456b61b797085d1ec6df76a8b2dfeca9860c9
Gerrit-Change-Number: 17190
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)