[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases

To: libevent-users@xxxxxxxxxxxxx
Subject: Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
Date: Mon, 19 Dec 2011 21:57:08 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: libevent-users-outgoing@xxxxxxxx
Delivered-to: libevent-users@xxxxxxxx
Delivery-date: Mon, 19 Dec 2011 21:57:19 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=ZzlnjC4MFybaB4zJH7K6lLcnF+FPHDlhRTDP0KF3RoI=; b=pG57YNAZSYZWM38dX/NW4VyOiyCykizxtm9GAfbtVMpIWPrsAk0HHVIhyv+/wO6XUc jKO4N3bHL9IlUZ6dN68NVEUHd01NbJtUcBy2fWAKV1n+ozJ6jhhZxKxnydgOhtzBuhEl l3S5tGI1mLOvtcVYSqRbPInzJyVF/xo9oS/n4=
In-reply-to: <20111220014141.GB20078@xxxxxxxxxx>
References: <FC58DC2FCA1644C6932F304338A04CC0@xxxxxxxxxxxxxxx> <CAJB0wA9_Sm=zJuy4ZXrvU3u7C1auXKq6YWZJWpme7KX7D5P+Hw@xxxxxxxxxxxxxx> <20111220013450.GA20078@xxxxxxxxxx> <20111220014141.GB20078@xxxxxxxxxx>
Reply-to: libevent-users@xxxxxxxxxxxxx
Sender: owner-libevent-users@xxxxxxxxxxxxx

On Mon, Dec 19, 2011 at 8:41 PM, Mark Ellzey <mthomas@xxxxxxxxxx> wrote:
> On Mon, Dec 19, 2011 at 07:34:50PM -0600, Mark Ellzey wrote:
>> I think I have been able to reproduce this using ssl client + filters.
>> More on this in a bit.
>
>
> This seems to fix the issue:
>
> -               n_to_read = SSL_pending(bev_ssl->ssl);
> +               if (!(n_to_read = SSL_pending(bev_ssl->ssl)) && bev_ssl->underlying) {
> +                   n_to_read = evbuffer_get_length(bev_ssl->underlying->input);
> +               }
> +

I agree with the part of your fix where we don't ignore the extra data
whose presence is indicated by a nonzero  SSL_pending.

But I think these fixes all have some problem(s) in common:  They
ignore the reason for the logic that initially sets n_to_read, and
instead have the behavior for the filtering SSL bufferevent be "read
aggressively, as much as possible!"

That isn't correct behavior.  Because of rate-limiting[1],
watermarks[2], fairness/starvation[3], and loop-avoidance[4], we
*don't* want to read aggressively from a single underlying bufferevent
until it's out of data.

[1][2] This behavior can make the SSL bufferevent aggressively overrun
rate limits and watermarks.

[3] If a bunch of data has arrived on a the underlying bufferevent, we
probably don't want to aggressively do SSL on it until its gone
without giving other events a chance to fire.

[4] If the underlying bufferevent is a paired bufferevent, draining it
could cause it to refill itself from its partner, invoking callbacks
that might refill the partner, etc.

Instead, I think what we do want to do is make sure that
consider_reading gets called on the *next* iteration of the event
loop, as it would if this were a non-filtering bufferevent.  But I
don't know that there's a good way to do that in the 2.0.x framework.

I think instead our best bet is to try to return the
filtering-bufferevent behavior here as close as we can to the status
quo ante before 2.0.16 came out, and to work on a real correct
solution to this (and other tricky issues) for 2.1, where we can
afford to do stuff like "build new infrastructure" and "refactor all
the ugly code."

Thoughts?

yrs,
-- 
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.

Follow-Ups:
- Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Haseeb Abdul Qadir
- Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Mark Ellzey

References:
- [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Haseeb Abdul Qadir
- Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Catalin Patulea
- Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Mark Ellzey
- Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
  - From: Mark Ellzey

Prev by Author: Re: [Libevent-users] Zlib inclusion (and regress failures)
Next by Author: Re: [Libevent-users] The function list operation of "_evdns_nameserver_add_impl"
Previous by thread: Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
Next by thread: Re: [Libevent-users] PATCH: bufferevent_openssl consider_read doesn't drain underlying BE in all cases
Index(es):
- Author
- Thread