Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-5913

Stale socket FD usage when using libevent + SSL.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 0.27.3, 0.28.2, 1.0.0
    • Fix Version/s: 0.28.3, 1.0.1
    • Component/s: libprocess
    • Labels:
      None

      Description

      Jan-Philip Gehrcke reported seeing garbage data being sent on sockets when hitting the master or agents with a lot of HTTP requests.

      I was able to reproduce this locally by running HTTP requests while hammering the code with HTTPS requests.

      Looking at the code, it appears that accepted SSL sockets may be used after they are closed (see here).

      This code may call SSL_shutdown after Socket::~Impl closes the fd. This means that if the fd is re-used, we may accidentally write a TLS Alert message to the re-used fd.

        Attachments

          Activity

            People

            • Assignee:
              bmahler Benjamin Mahler
              Reporter:
              bmahler Benjamin Mahler
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: