From: Aaron Patterson <aaron@...>
Date: 2011-06-23T00:27:35+09:00
Subject: [ruby-core:37296] Re: [Ruby 1.9 - Bug #4237] SSL_shutdown should be called until it returns 0


--IrhDeMKUP4DT/M7F
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jun 22, 2011 at 11:08:08PM +0900, Hiroshi NAKAMURA wrote:
>=20
> Issue #4237 has been updated by Hiroshi NAKAMURA.
>=20
>=20
> Aaron, I'm sorry for late response, but can you point the original report=
 of this issue? The link 'http://intertwingly.net/blog/2010/12/07/SQLite3-C=
orruptException-database-disk-image-is-malformed' looks not related to open=
ssl. Am I misunderstanding something?

Sam's report does not look like it's related to openssl.  The case that
he was encountering was an SSL socket failure.  Please look at the
change I committed: r30294.

Before my change, the post_connection_check in tlsconnect would fail,
and the ssl socket would never be closed.  I believe this was causing
heap corruption which lead to the issues that Sam was seeing.

After studying the openssl code, I saw that we only call SSL_shutdown
once[1] and we do not check the return value[2].  This seems like a
problem as the OpenSSL documentation says[3]:

  It is therefore recommended, to check the return value of
  SSL_shutdown() and call SSL_shutdown() again, if the bidirectional
  shutdown is not yet complete (return value of the first call is 0). As
  the shutdown is not specially handled in the SSLv2 protocol,
  SSL_shutdown() will succeed on the first call.

Like I said in the original report:

  I believe r30294 only fixed a symptom as it closes the SSL socket
  twice (once from the call to `close` and once again during GC).

I believe we need to be checking the return value of SSL_shutdown from
ossl_ssl_shutdown, and possibly calling it multiple times.  I made that
change in r30451, but it was later reverted because we were seeing segvs
on the CI machine.

I'll try to come up with a test case to reproduce, but it seems very
difficult to me. :-(

1. https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L970-977
2. https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L974
3. http://www.openssl.org/docs/ssl/SSL_shutdown.html

--=20
Aaron Patterson
http://tenderlovemaking.com/

--IrhDeMKUP4DT/M7F
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)

iQEcBAEBAgAGBQJOAgm0AAoJEJUxcLy0/6/GPuoH/2vZ/iVlFsev7XWnZjwGhVoQ
zVH0LyBJ/h2DGbt1xsSyd3YHuvIIGBi5n9eR9HveEOO5+xjpLJRGmRqVfW3PYCLA
t3ECEvPtB98OhrZq5530AsyF9xLRaGaMm60SEM4ngo3LcdA+NS7G2Xq3CKjvpbWl
NvpcaD4Kwf9PxvD3fNcCh80fTVDxfEirfRLw0EYN8pGzTDIFaZm6waF2s5Y0KrGq
/5Sau85mjpC4eOHhO6B223TZkfmIBefq2nR+qBocOaH/IoPvc/hiHxLHYetLwfHt
7o0tgnxmCYL+AvBKgILcrG5HAv51/uzCV6TClxqGLPAsY4PSvVdfyWNMDZizHW8=
=C+Hd
-----END PGP SIGNATURE-----

--IrhDeMKUP4DT/M7F--