[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [Libevent-users] SSL problems after update to libeven 2.1.8



On Mon, Jan 22, 2018 at 09:55:49AM +0100, Alexander Rojas wrote:
> Hey guys,
> 
> Over the past couple of weeks I've been struggling with an old bug of Apache Mesos related to our implementation of SSL Sockets which are based on libevent, you can see the whole implementation in [1] and [2]. It affects later versions of Linux, like Ubuntu 17.10 and OSX, full description of the packages at MESOS-8271 [3].

Hi Alexander,

Can you try with openssl 1.1? (from the issue I saw openssl 1.0)

> The problem can be triggered simply by updating libevent from 2.0.22 to 2.18.

Wow, there were a lot of changes since 2.0.22. So I don't think that
bisect is a good idea here.

> In linux we see the issue when we call `accept()`. When we reach the event callback we keep getting `events & BEV_EVENT_ERROR && events & BEV_EVENT_READ` [4] however `EVUTIL_SOCKET_ERROR()` keeps returning 0, and `bufferevent_get_openssl_error(bev)` also shows no error.
> 
> On the client we find that the connection was closed, but the symptoms are similar, we get `BEV_EVENT_ERROR` but no other diagnostics.
> 
> I include a full stack trace of a run where the problem appears (Line numbers may be somewhat off due to debug output lines added). Any more info I am happy to contribute.
> 
> ```
> process::network::internal::LibeventSSLSocketImpl::accept_SSL_callback(process::network::internal::LibeventSSLSocketImpl::AcceptRequest*)::$_10::operator()(bufferevent*, short, void*) const (this=0x160eae0, bev=0x7fffe4001a10, events=33, arg=0x7fffc4000c10) at ../../../3rdparty/libprocess/src/libevent_ssl_socket.cpp:1152
> process::network::internal::LibeventSSLSocketImpl::accept_SSL_callback(process::network::internal::LibeventSSLSocketImpl::AcceptRequest*)::$_10::__invoke(bufferevent*, short, void*) (bev=0x7fffe4001a10, events=33, arg=0x7fffc4000c10) at ../../../3rdparty/libprocess/src/libevent_ssl_socket.cpp:1143
> ?? () from /usr/lib/x86_64-linux-gnu/libevent_openssl-2.1.so.6
> ?? () from /usr/lib/x86_64-linux-gnu/libevent_openssl-2.1.so.6
> ?? () from /usr/lib/x86_64-linux-gnu/libevent-2.1.so.6
> event_base_loop () from /usr/lib/x86_64-linux-gnu/libevent-2.1.so.6

Can you install debug symbols for libevent? So that we can see line
numbers? But it looks like it called from do_read() -> conn_closed(), if
this is true I need "err" that obtained from SSL_get_error() in
do_read().

And the next step will be to try to turn BEV_OPT_DEFER_CALLBACKS off (so
that we could see more reliable call sequence).

> process::EventLoop::run () at ../../../3rdparty/libprocess/src/libevent.cpp:98

Thanks,
Azat.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.