Author: markt
Date: Fri Sep 11 07:52:24 2015
New Revision: 1702390
URL: http://svn.apache.org/r1702390
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58357
In circumstances not currently understood, APR+OpenSSL returns an error code
when there does not appear to be anything wrong. Treating this as EAGAIN worked
for HTTP upgrade so apply the same approach for HTTP.
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java?rev=1702390&r1=1702389&r2=1702390&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java
Fri Sep 11 07:52:24 2015
@@ -587,6 +587,15 @@ public class InternalAprInputBuffer exte
lastValid = pos + nRead;
} else if (-nRead == Status.EAGAIN) {
return false;
+ } else if (-nRead == Status.APR_EGENERAL && wrapper.isSecure()) {
+ // Not entirely sure why this is necessary. Testing to date has not
+ // identified any issues with this but log it so it can be tracked
+ // if it is suspected of causing issues in the future.
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("iib.apr.sslGeneralError",
+ Long.valueOf(socket), wrapper));
+ }
+ return false;
} else if ((-nRead) == Status.ETIMEDOUT || (-nRead) == Status.TIMEUP) {
if (block) {
throw new SocketTimeoutException(
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties?rev=1702390&r1=1702389&r2=1702390&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties
Fri Sep 11 07:52:24 2015
@@ -27,6 +27,8 @@ http11processor.comet.notsupported=The C
http11processor.sendfile.error=Error sending data using sendfile. May be
caused by invalid request attributes for start/end points
http11Processor.upgrade=An internal error has occurred as upgraded connections
should only be processed by the dedicated upgrade processor implementations
+iib.apr.sslGeneralError=An APR general error was returned by the SSL read
operation on APR/native socket [{0}] with wrapper [{1}]. It will be treated as
EAGAIN and the socket returned to the poller.
+
iib.available.readFail=A non-blocking read failed while attempting to
determine if data was available
iib.eof.error=Unexpected EOF read on the socket
iib.failedread.apr=Read failed with APR/native error code [{0}]
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1702390&r1=1702389&r2=1702390&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Fri Sep 11 07:52:24 2015
@@ -81,6 +81,13 @@
supported. Tomcat now includes a work-around so either form of the
cipher suite name can be used when running on an IBM JRE. (markt)
</fix>
+ <fix>
+ <bug>58357</bug>: For reasons not currently understood when the
+ APR/native connector is used with OpenSSL reads can return an error
code
+ when there is no apparent error. This was work-around for HTTP upgrade
+ connections by treating this as <code>EAGAIN</code>. The same fix has
+ now been applied to the standard HTTP connector. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
