Flood developers:
I discovered an error where my system would simply lock up (with maximum
CPU utilization from Flood.exe!) while trying to access an https page,
which is using a server-side certificate, when running Flood from Windows
(did not experience this problem in either Linux. My current SSL package
in use there is openssl-0.9.7b. I did some debugging, and found that there
is a spurious SSL error occurring (SSL_ERROR_SYSCALL). When associated
with a non-zero errno (coming from somewhere in the ssl_open_socket()
routine), this generated an APR_EGENERAL return for ssl_read_socket()
(ERR_print_errors_fp() did not provide any output in this case). Then the
calling code in flood_socket_generic.c apparently does not handle this
error well. I intend to send a follow-up email both to this group and to
the openssl group regarding this issue, but I have a fix available since
the packet is actually coming back successfully (so I am treating this as
a ghost error for now).
The patch I am providing (attached here) to fix this bug and stop the
lock-up affects two files:
flood_net_ssl.c (ssl_read_socket() function): Sets errno=0 before doing
the SSL read so that the check on errno generates an APR_EOF.
flood_socket_generic.c (generic_recv_resp() function): Handle errors more
robustly by not exiting a while loop under any non-APR_SUCCESS status
condition. The function exit, however, will not record an APR_EOF code as
an error since it is the usual way for ending the function.
flood_socket_keepalive.c probably needs similar work which will be posted
as a separate diff in the near future.
-Norman Tuttle, developer, OpenDemand Systems [EMAIL PROTECTED]
--- \flood-1.1\flood_net_ssl.c 2003-10-08 19:25:02.000000000 -0400
+++ flood_net_ssl.c 2003-10-23 13:02:14.000000000 -0400
@@ -290,6 +290,7 @@
return APR_TIMEUP;
}
+ errno=0;
e = SSL_read(s->ssl_connection, buf, *buflen);
sslError = SSL_get_error(s->ssl_connection, e);
--- \flood-1.1\flood_socket_generic.c 2003-09-06 00:27:38.000000000 -0400
+++ flood_socket_generic.c 2003-10-23 14:58:39.000000000 -0400
@@ -174,7 +174,7 @@
new_resp->rbufsize += i;
cp += i;
}
- while (status != APR_EOF && status != APR_TIMEUP);
+ while (status == APR_SUCCESS);
}
else
{
@@ -186,20 +186,16 @@
read_socket(gsock->s, new_resp->rbuf,
&new_resp->rbufsize);
- while (status != APR_EOF && status != APR_TIMEUP) {
+ while (status == APR_SUCCESS) {
i = MAX_DOC_LENGTH - 1;
status = gsock->ssl ? ssl_read_socket(gsock->s, b, &i) :
read_socket(gsock->s, b, &i);
}
- if (status != APR_SUCCESS && status != APR_EOF) {
- return status;
- }
-
}
*resp = new_resp;
- return APR_SUCCESS;
+ return ((status==APR_EOF) ? APR_SUCCESS : status);
}
/**
