Deadlock bug in ssl library
Johan Bevemyr
jb@REDACTED
Fri Aug 26 15:24:10 CEST 2005
The deadlock occurs when the client sends lots of data to an
erlang SSL server and the SSL server queries the SSL library
for for example ssl:peername().
What happens is that the esock port program will try to write
the data to the ssl_broker, and eventually block in write() and
stay blocked until erlang has read the data.
However, suppose you have the following situation.
1. A process recv: some data from the SSL socket and then proceeds
without reading all data.
2. The esock port program blocks since it tries to write (it will not
block right way since there are both read and write buffers on the
TCP level on the socket between the ssl_broker and esock.
3. The same process as in 1 tries to read the peername from the SSL
socket. This will cause the broker to send an GETPEERNAME request
via the ssl_server to esock, and wait for the reply. Howerver
esock cannot answer since it blocks in write() of the SSL data.
All SSL traffic is blocked at this point and no further SSL processing
can take place.
The solution is to make the (proxy) socket between esock and the
ssl_broker non-blocking (which appears to be the intention).
Patch against r10-b4 lib/ssl/c_src/esock.c:
452a453
> SET_NONBLOCKING(proxysock);
988,990c989,991
< } else if (cc == 0) {
< /* EOF proxy */
< DEBUGF(("proxy eof\n"));
---
> } else {
> /* EOF proxy or error */
> DEBUGF(("proxy eof or error\n"));
1000,1003d1000
< } else {
< /* This should not happen */
< DEBUGF(("ERROR: proxy readmask set, cc < 0, fd = %d"
< " proxyfd = %d\n", cp->fd, cp->proxy->fd));
/Johan and Martin
More information about the erlang-patches
mailing list