You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by "ILYA (JIRA)" <ji...@apache.org> on 2016/07/07 14:24:11 UTC

[jira] [Reopened] (COUCHDB-3049) inet:sockname called on ssl socket

     [ https://issues.apache.org/jira/browse/COUCHDB-3049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ILYA reopened COUCHDB-3049:
---------------------------
      Assignee: ILYA  (was: Jay Doane)

It doesn't work for plain http:
[<<"chttpd:sockname/1 L578">>,<<"chttpd:absolute_uri/2 L549">>, <<"cloudant_plugin_chttpd:update_absolute_uri/1 L86">>, <<"cloudant_plugin_chttpd:before_request/1 L22">>, <<"lists:foldl/3 L1261">>,<<"chttpd_plugin:before_request/1 L32">>, <<"chttpd:before_request/1 L254">>, <<"chttpd:handle_request_int/1 L227">>]

> inet:sockname called on ssl socket
> ----------------------------------
>
>                 Key: COUCHDB-3049
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-3049
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>            Reporter: Jay Doane
>            Assignee: ILYA
>
> I configured couchdb to accept ssl requests on port 6894 and put it behind haproxy, but the health checks were failing because of this error:
> req_err(1419482684) unknown_error : function_clause    [<<"prim_inet:sockname/1">>,<<"chttpd:absolute_uri/2 L541">>,<<"cloudant_plugin_chttpd:update_absolute_uri/1 L78">>,<<"cloudant_plugin_chttpd:before_request/1 L20">>,<<"lists:foldl/3 L1261">>,<<"chttpd_plugin:before_request/1 L30">>,<<"chttpd:before_request/1 L252">>,<<"chttpd:handle_request_int/1 L225">>]
> I traced the problem to calling inet:sockname on an ssl socket:
> https://github.com/apache/couchdb-chttpd/blob/master/src/chttpd.erl#L549
> However, I didn't do a thorough audit to ensure there are no other places where an inet function might be called on an ssl socket.
> In any case, a simple workaround is to change the "option httpchk" line in haproxy.cfg to something like this:
> option httpchk GET /_up HTTP/1.0\r\nHost:\ some.host
> which will avoid dropping into that particular case where the crashing code is called.
> The simplest solution is to create a helper function that distinguishes between tcp and ssl sockets:
> sockname(Socket) when is_pid(Socket) ->
>     inet:sockname(Socket);
> sockname(Socket) when is_tuple(Socket) -> % is_tuple since ssl_api.hrl is not exposed
>     ssl:sockname(Socket).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)