Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERL-148: httpc crashes if HTTPS request is answered with two ssl:send/2 calls #3525

Closed
OTP-Maintainer opened this issue May 18, 2016 · 4 comments
Closed

ERL-148: httpc crashes if HTTPS request is answered with two ssl:send/2 calls #3525

OTP-Maintainer opened this issue May 18, 2016 · 4 comments
Assignees
@IngelaAndin
Labels
bug Issue is reported as a bug priority:medium team:PS Assigned to OTP team PS
Milestone
OTP-19.0

Comments

@OTP-Maintainer
Copy link

Original reporter: weisslj
Affected version: OTP-19.0
Fixed in version: OTP-19.0
Component: ssl
Migrated from: https://bugs.erlang.org/browse/ERL-148

With Erlang/OTP 19.0-rc1 {{httpc}} crashes when an HTTPS request is answered with two instead of one {{ssl:send/2}} calls.

A run of {{git bisect}} found commit [67de1ba|https://github.com/erlang/otp/commit/67de1ba82d1af910dc6ab6d41a1f22dbfb39f658] (ssl: Use gen_statem instead of gen_fsm) as responsible.

See also ERL-144 and ERL-147, might be related, but not sure.

I attached an example program:

h3. Usage

Terminal 1:
{noformat}
openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem -nodes -subj '/CN=localhost'
escript test_server.escript
{noformat}

Terminal 2:
{noformat}
escript test_client.escript
{noformat}

h3. Output in terminal 2

With OTP 18:
{noformat}
Request successful, no bug
{noformat}

With OTP 19:
{noformat}
** Reason for termination == 
** {function_clause,
       [{httpc_handler,handle_info,
            [{error,closed},
[...]
Crash during request, *BUG*
{noformat}
@OTP-Maintainer
Copy link
Author

ingela said:

There are some issues here. The thing is that tcp does not have a delivery guarantee on application level, only on tcp level. So if you put a sleep in your server before closing it down, the test will work. httpc could use some better errorhandling.  To avoid this you should use shutdown, but I got some problems in prim_inet  when trying that, I need to invesitigate it further.

@OTP-Maintainer
Copy link
Author

ingela said:

Turns out there is a bug, even though your test is a bit timing dependent, fix is here.

{code:java}
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 208edc6..40f3eea 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -922,7 +922,7 @@ alert_user(Transport, Tracker, Socket,_, _, _, From, Alert, Role) ->
 alert_user(Transport, Tracker, Socket, From, Alert, Role) ->
     alert_user(Transport, Tracker, Socket, false, no_pid, From, Alert, Role).
 
-alert_user(_, _, _, false = Active, Pid, From,  Alert, Role) ->
+alert_user(_, _, _, false = Active, Pid, From,  Alert, Role) when From =/= undefined ->
     %% If there is an outstanding ssl_accept | recv
     %% From will be defined and send_or_reply will
     %% send the appropriate error message.

{code}

@OTP-Maintainer
Copy link
Author

weisslj said:

Thank you for the quick fix, I can confirm it solves the problem!

@OTP-Maintainer
Copy link
Author

weisslj said:

Fixing commit is [e63b071|https://github.com/erlang/otp/commit/e63b07167e3bcfc848ae6f0f08981d04fab991bc].

@OTP-Maintainer OTP-Maintainer added bug Issue is reported as a bug team:PS Assigned to OTP team PS priority:medium labels Feb 10, 2021
@OTP-Maintainer OTP-Maintainer added this to the OTP-19.0 milestone Feb 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@IngelaAndin IngelaAndin

Labels
bug Issue is reported as a bug priority:medium team:PS Assigned to OTP team PS
Projects
None yet
Milestone
OTP-19.0
Development

No branches or pull requests
2 participants
@IngelaAndin @OTP-Maintainer