packages/libevent
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!37 ssl: do not trigger EOF if some data had been successfully read

Browse Source 
From: @tong_1001 
Reviewed-by: @hubin95, @xiezhipeng1 
Signed-off-by: @xiezhipeng1
This commit is contained in:
openeuler-ci-bot 2023-07-29 02:53:38 +00:00 committed by Gitee
commit 347ef5e156
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
backport-ssl-do-not-trigger-EOF-if-some-data-had-been-successf.patch Normal file
View File

@ -0,0 +1,44 @@
From 7652cf4068f77905a56b9165455ec7e90917ec31 Mon Sep 17 00:00:00 2001
From: Azat Khuzhin <azat@libevent.org>
Date: Sun, 14 May 2023 16:53:13 +0200
Subject: [PATCH] ssl: do not triger EOF if some data had been successfully
read
Reference:https://github.com/libevent/libevent/commit/ef51444f439b922c8fb00c7ef3f8482b6400b6ea
https://github.com/libevent/libevent/commit/49a7ae4c5668ebad7b6c4618664224c1a0bc5079
https://github.com/libevent/libevent/commit/7652cf4068f77905a56b9165455ec7e90917ec31
Previously in case when evbuffer_reserve_space() returns > 1, but
it was able to read only 1 IO vector, it will try to read the next one,
got 0 (EOF for mbedTLS or SSL_ERROR_ZERO_RETURN for OpenSSL) and will
trigger EOF, while instead, it should trigger EV_READ w/o EOF and only
after EOF.
---
bufferevent_openssl.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/bufferevent_openssl.c b/bufferevent_openssl.c
index b51b834..8b4b655 100644
--- a/bufferevent_openssl.c
+++ b/bufferevent_openssl.c
@@ -616,6 +616,17 @@ do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) {
} else {
int err = SSL_get_error(bev_ssl->ssl, r);
print_err(err);
+ /* NOTE: we ignore the error in case of some progress was done,
+ * because currently we do not send close_notify, and this will
+ * lead to error from SSL_read() (it will return 0, and
+ * SSL_get_error() will return SSL_ERROR_SSL), and this is because
+ * of lack of close_notify
+ *
+ * But AFAICS some code uses it the same way (i.e. nginx) */
+ if (result & OP_MADE_PROGRESS) {
+ /* Process existing data */
+ break;
+ }
switch (err) {
case SSL_ERROR_WANT_READ:
/* Can't read until underlying has more data. */
--
2.27.0

6
libevent.spec
View File

@ -1,6 +1,6 @@
Name: libevent Name: libevent
Version: 2.1.12 Version: 2.1.12
Release: 7 Release: 8
Summary: An event notification library Summary: An event notification library
License: BSD License: BSD
@ -18,6 +18,7 @@ Patch2: add-testcases-for-event.c-apis.patch
# issue is fixed. # issue is fixed.
# https://github.com/transmission/transmission/issues/1437 # https://github.com/transmission/transmission/issues/1437
Patch3: 0001-Revert-Fix-checking-return-value-of-the-evdns_base_r.patch Patch3: 0001-Revert-Fix-checking-return-value-of-the-evdns_base_r.patch
Patch6000: backport-ssl-do-not-trigger-EOF-if-some-data-had-been-successf.patch
%description %description
Libevent additionally provides a sophisticated framework for buffered network IO, with support for sockets, Libevent additionally provides a sophisticated framework for buffered network IO, with support for sockets,
@ -78,6 +79,9 @@ rm -f %{buildroot}%{_libdir}/*.la
%changelog %changelog
* Sat Jul 29 2023 shixuantong <shixuantong1@huawei.com> - 2.1.12-8
- ssl: do not trigger EOF if some data had been successfully read
* Thu Feb 16 2023 dillon chen <dillon.chen@gmail.com> - 2.1.12-7 * Thu Feb 16 2023 dillon chen <dillon.chen@gmail.com> - 2.1.12-7
- close make check - close make check