[
https://issues.apache.org/jira/browse/MESOS-5913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benjamin Mahler updated MESOS-5913:
-----------------------------------
Affects Version/s: 0.27.3
> Stale socket FD usage when using libevent + SSL.
> ------------------------------------------------
>
> Key: MESOS-5913
> URL: https://issues.apache.org/jira/browse/MESOS-5913
> Project: Mesos
> Issue Type: Bug
> Components: libprocess
> Affects Versions: 0.27.3, 0.28.2, 1.0.0
> Reporter: Benjamin Mahler
> Assignee: Benjamin Mahler
> Priority: Blocker
> Fix For: 0.28.3, 1.0.1, 0.27.4
>
>
> [~jgehrcke] reported seeing garbage data being sent on sockets when hitting
> the master or agents with a lot of HTTP requests.
> I was able to reproduce this locally by running HTTP requests while hammering
> the code with HTTPS requests.
> Looking at the code, it appears that accepted SSL sockets may be used after
> they are closed (see
> [here|https://github.com/apache/mesos/blob/dbc5a19149655cde2b76dca4af73c4a7b22529dd/3rdparty/libprocess/src/libevent_ssl_socket.cpp#L94-L156]).
> This code may call {{SSL_shutdown}} after {{Socket::~Impl}} closes the fd.
> This means that if the fd is re-used, we may accidentally write a TLS Alert
> message to the re-used fd.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
