[erlang-bugs] SSL fails at sending a short message while receiving a big one

Loïc Hoguin <>
Thu Feb 13 15:30:55 CET 2014


Okay the test case I sent was obviously incorrect, good catch. I *do* 
still have an issue though, as the client is in passive mode in the 
Cowboy test suite, and yet the test still fails in the manner I 
described. I will investigate further, but have you tried to run the 
Cowboy suite? There should be 2 cases failing for you, and I have 2 
others that I need to push, all only with SSL.

On 02/13/2014 03:24 PM, Ingela Anderton Andin wrote:
> Hi!
>
> If you make your client use a passive socket instead of a active one
> your first test case, it will work better!
>
> I also rewrote your second version into:    (which works fine for me)
>
> -module(big2).
> -compile(export_all).
>
> server() ->
>      ssl:start(),
>      CaInfo = erl_make_certs:make_cert([{key, dsa}]),
>      {Cert, {Asn1Type, Der, _}} = erl_make_certs:make_cert([{key, dsa},
> {issuer, CaInfo}]),
>      Key = {Asn1Type, Der},
>      spawn(fun() ->
>            {ok, L} = ssl:listen(44444, [
>                             {cert, Cert},
>                             {key, Key},
>                             {active, false},
>                             binary
>                            ]),
>            {ok, S} = ssl:transport_accept(L),
>            ssl:ssl_accept(S),
>            ok = recv(S, 27),
>            ok = recv(S, size(<< 0:800000000 >>)),
>            ok = ssl:send(S, <<"it works!">>),
>            ssl:shutdown(S, write),
>            ok = recv(S, 2)
>        end).
>
> client() ->
>      {ok, S} = ssl:connect("localhost", 44444, [{active, false}, binary]),
>      ssl:send(S, "some data before a big body"),
>      ssl:send(S, << 0:800000000 >> ),
>      recv(S, 9),
>      ssl:send(S, "ok"),
>      ok.
>
> recv(_S, 0) ->
>      ok;
> recv(S, N) ->
>      {ok, Bin} = ssl:recv(S, 0, 5000),
>      recv(S, N - size(Bin)).
>
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
> On 02/08/2014 07:50 PM, Loïc Hoguin wrote:
>> Hello,
>>
>> While investigating a solution for TCP linger issues with Cowboy, I
>> was surprised when I saw that the solution that worked perfectly well
>> for TCP didn't for SSL.
>>
>> It *may* be related to what fails in my other "SSL socket gets closed
>> abruptly" thread, as both cases send large data. However that other
>> thread is a little more crazy (as sending any non-200 response does
>> work there, while in this case I never got any response).
>>
>> Please see a test case attached. It's a simpler simulation of what may
>> actually happen with HTTP. First a few small packets (often one) are
>> sent for the headers, and then a potentially huge body. The server may
>> not want to receive the body, but it always needs to send a response.
>> Problem is, if we don't read the body, that response is never sent
>> with SSL.
>>
>> It's interesting to note that incorrect behavior occurs regardless of
>> the shutdown call being there. That call is used for the lingering
>> solution mentioned above so I tried with and without. In both cases
>> the response isn't received by the client. If the shutdown call is
>> there, the recv call will eventually say {error, closed} (it may or
>> may not take a while, I had both). If the shutdown call isn't there,
>> recv will just timeout.
>>
>> You need erl_make_certs from the SSL test suite for this test case too.
>>
>> Below output is for R16B02 but the issue also occurs with master
>> updated sometimes this week too.
>>
>> % erl
>> Erlang R16B02 (erts-5.10.3) [source] [64-bit] [smp:4:4]
>> [async-threads:10] [hipe] [kernel-poll:false]
>>
>> Eshell V5.10.3  (abort with ^G)
>> 1> c(erl_make_certs).
>> {ok,erl_make_certs}
>> 2> c(sslbig).
>> {ok,sslbig}
>> 3> "With shutdown write".
>> "With shutdown write"
>> 4> sslbig:server().
>> <0.69.0>
>> 5> sslbig:client().
>> ** exception error: no match of right hand side value {error,closed}
>>      in function  sslbig:client/0 (sslbig.erl, line 29)
>> 6> c(sslbig).
>> {ok,sslbig}
>> 7> "Without shutdown write".
>> "Without shutdown write"
>> 8> sslbig:server().
>> <0.84.0>
>> 9> sslbig:client().
>> ** exception error: no match of right hand side value {error,timeout}
>>      in function  sslbig:client/0 (sslbig.erl, line 29)
>> 10>
>>
>> Enjoy!
>>
>>
>>
>> _______________________________________________
>> erlang-bugs mailing list
>> 
>> http://erlang.org/mailman/listinfo/erlang-bugs
>
>

-- 
Loïc Hoguin
http://ninenines.eu


More information about the erlang-bugs mailing list