Fix #77151 ftp_close(): SSL_read on shutdown by remicollet · Pull Request #3666 · php/php-src

remicollet · 2018-11-15T08:00:23Z

Regression introduced in fix for #76972

remicollet · 2018-11-15T08:03:26Z

@manuelm @cmb69 @nikic please review / test

remicollet · 2018-11-15T08:07:32Z

ext/ftp/ftp.c

-		if (data_available(ftp, fd)) {
-			ERR_clear_error();
-			nread = SSL_read(ssl_handle, buf, sizeof(buf));
+	while (!done && data_available(ftp, fd)) {


test grouped to avoid (possible) dead loop when !done and no data available.

remicollet · 2018-11-15T08:07:53Z

ext/ftp/ftp.c

+	while (!done && data_available(ftp, fd)) {
+		ERR_clear_error();
+		nread = SSL_read(ssl_handle, buf, sizeof(buf));
+		if (nread <= 0) {


manage error, only if read fails.

SSL_get_error returns SSL_ERROR_NONE if nread > 0

btw, faster

That's not my point. My point is this doesn't look like a fix as it doesn't actually change anything.

Also please note that there are at least two more cases with SSL_get_error in the same file with the same pattern.

remicollet · 2018-11-15T11:23:40Z

second commit make warning conditional by sslerror.

manuelm · 2018-11-15T11:29:53Z

ext/ftp/ftp.c

 					if ((sslerror = ERR_get_error())) {
-					    ERR_error_string_n(sslerror, buf, sizeof(buf));
+						ERR_error_string_n(sslerror, buf, sizeof(buf));
+						php_error_docref(NULL, E_WARNING, "SSL_read on shutdown: %s", buf);


This seems wrong. SSL_get_error may also return SSL_ERROR_SYSCALL in which case OpenSSL indicates that the underlying syscall has failed. This changes hides this error case from the user.

Still better that current broken implementation.

Please understand that we have released 7.1.24/7.2.12 with a regression, for which we need an urgent fix.

manuelm · 2018-11-15T12:31:09Z

So I found a ftp service that let me reproduce the bug report. In this case err is set to SSL_ERROR_SYSCALL although errno is 0. So omitting the print in the err == SSL_ERROR_SYSCALL && errno == 0 case should do the trick.

~~I'm still wondering why errno is zero.~~ Looks like a normal behavior which indicates the connection has already been closed. My PR was based upon the curl implementation: https://github.com/curl/curl/blob/e2dd435d473cdc97785df95d032276fafb4b7746/lib/vtls/openssl.c#L1267

Edit: I'm suggesting something like this (together with the data_available move):

--- ext/ftp/ftp.c  2018-11-15 17:58:32.454527562 +0100
+++ ext/ftp/ftp.c       2018-11-15 18:05:38.706094266 +0100
@@ -1930,6 +1930,12 @@
                                        /* SSL wants a write. Really odd. Let's bail out. */
                                        done = 1;
                                        break;
+                               case SSL_ERROR_SYSCALL:
+                                   if (errno == 0) {
+                                       /* The connection has already been closed */
+                                       done = 1;
+                                       break;
+                                   }
                                default:
                                        if ((sslerror = ERR_get_error())) {
                                            ERR_error_string_n(sslerror, buf, sizeof(buf));

remicollet · 2018-11-20T07:00:51Z

I have re-add warning when errno is set.

So no message will be output when sslerror=0 and errno=0

Regression introduced in fix for #76972 only display the error message when sslerror or if errno is set (for SSL_ERROR_SYSCALL case)

remicollet · 2018-11-20T09:20:42Z

@cmb69 I'd like to merge this one before today RCs

cmb69 · 2018-11-20T09:55:07Z

@remicollet Okay, please go ahead.

nikic

The newest version looks good to me.

remicollet · 2018-11-20T10:21:39Z

Merged.

petk added the Bug label Nov 15, 2018

remicollet commented Nov 15, 2018

View reviewed changes

manuelm reviewed Nov 15, 2018

View reviewed changes

ammarfaizi2 approved these changes Nov 17, 2018

View reviewed changes

remicollet force-pushed the issue-77151 branch from 00a9144 to dd1d951 Compare November 20, 2018 06:59

Fix #77151 ftp_close(): SSL_read on shutdown

2966b88

Regression introduced in fix for #76972 only display the error message when sslerror or if errno is set (for SSL_ERROR_SYSCALL case)

remicollet force-pushed the issue-77151 branch from dd1d951 to 2966b88 Compare November 20, 2018 07:05

nikic approved these changes Nov 20, 2018

View reviewed changes

remicollet closed this Nov 20, 2018

Conversation

remicollet commented Nov 15, 2018

Uh oh!

remicollet commented Nov 15, 2018

Uh oh!

remicollet Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

remicollet Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

manuelm Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

remicollet Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

manuelm Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

remicollet commented Nov 15, 2018

Uh oh!

manuelm Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

remicollet Nov 15, 2018

Choose a reason for hiding this comment

Uh oh!

manuelm commented Nov 15, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

remicollet commented Nov 20, 2018

Uh oh!

remicollet commented Nov 20, 2018

Uh oh!

cmb69 commented Nov 20, 2018

Uh oh!

nikic left a comment

Choose a reason for hiding this comment

Uh oh!

remicollet commented Nov 20, 2018

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

manuelm commented Nov 15, 2018 •

edited

Loading