httpd-test-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Norman Tuttle <ntut...@photon.poly.edu>
Subject Flood patch: Fixes hangup bug with SSL and generic sockets [Ref A8]
Date Thu, 23 Oct 2003 22:29:59 GMT
Flood developers:

I discovered an error where my system would simply lock up (with maximum
CPU utilization from Flood.exe!) while trying to access an https page,
which is using a server-side certificate, when running Flood from Windows
(did not experience this problem in either Linux. My current SSL package
in use there is openssl-0.9.7b. I did some debugging, and found that there
is a spurious SSL error occurring (SSL_ERROR_SYSCALL). When associated
with a non-zero errno (coming from somewhere in the ssl_open_socket()
routine), this generated an APR_EGENERAL return for ssl_read_socket()
(ERR_print_errors_fp() did not provide any output in this case). Then the
calling code in flood_socket_generic.c apparently does not handle this
error well. I intend to send a follow-up email both to this group and to
the openssl group regarding this issue, but I have a fix available since
the packet is actually coming back successfully (so I am treating this as
a ghost error for now).

The patch I am providing (attached here) to fix this bug and stop the
lock-up affects two files:

flood_net_ssl.c (ssl_read_socket() function): Sets errno=0 before doing
the SSL read so that the check on errno generates an APR_EOF.
flood_socket_generic.c (generic_recv_resp() function): Handle errors more
robustly by not exiting a while loop under any non-APR_SUCCESS status
condition. The function exit, however, will not record an APR_EOF code as
an error since it is the usual way for ending the function.

flood_socket_keepalive.c probably needs similar work which will be posted
as a separate diff in the near future.

-Norman Tuttle, developer, OpenDemand Systems ntuttle@opendemand.com




Mime
View raw message