Bug 524664
Summary: | Large messages cause hangs and crashes when using digest-md5 and security layer (ssf 128) | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise MRG | Reporter: | Gordon Sim <gsim> | ||||
Component: | qpid-cpp | Assignee: | mick <mgoulish> | ||||
Status: | CLOSED ERRATA | QA Contact: | Jiri Kolar <jkolar> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | 1.1.1 | CC: | freznice, iboverma, jkolar, lbrindle, mgoulish, tross | ||||
Target Milestone: | 1.2 | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: |
Messaging bug fix
C: Large messages being sent while using digest-md5 and security layer
C: The broker would either hang or crash.
F: added an encode buffer to the CyrusSecurityLayer class and encrypts the minimum of the encode buffer and the max input size.
R: crashes no longer happen when using MD5 mechanism on large messages.
When very large messages were sent using digest-md5 and a security layer, the broker would either hang or crash. An encode buffer was added to the CyrusSecurityLayer class, and crashes no longer occur.
|
Story Points: | --- | ||||
Clone Of: | 501792 | Environment: | |||||
Last Closed: | 2009-12-03 09:15:53 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 501792 | ||||||
Bug Blocks: | 527551, 642367 | ||||||
Attachments: |
|
Description
Gordon Sim
2009-09-21 16:45:17 UTC
Created attachment 362937 [details]
backport of fix to 1.1.6
This is the backport of this fix to 752581-26 ( 1.1.6 ) .
However -- I still see the hang.
hang reproduced this way:
1. make sure that cyrus-sasl-md5 is installed on your system
2. get trunk svn version 752581
3. update with -26 patch
4. start broker on port P
make sure auth=yes,
confirm from log statements that it is using MD5
5. ./perftest --username USERNAME -p P --mechanism DIGEST-MD5 --size 100000
# enter passwd for USERNAME several times when asked.
see it hang here:
Processing 1 messages from pub_done .
6. Repeat with --size=100 and see it not hang.
Gsim's patch, attached in comment 1 above, *is* effective! I was not waiting long enough to see the test complete -- I forgot how many messages perftest was trying to send. To see the patch work, you should reproduce the problem with fewer messages being transmitted, this way: ./perftest --username guest -p 5815 --mechanism DIGEST-MD5 --size 100000 --count 100 With only 100 messages being sent, the patched version of -26 terminates successfully within one second. Without this new patch, it does not terminate. pushed to 1.1.x branch. Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Corrected problem with large messages causing hangs and crashes when using digest-md5 and security layer (ssf 128) (524664) Tested: on -26 bug aapears (but only on x86_64) on -30 has been fixed validated on RHEL RHEL5-Server-U4/RHEL4-U8 i386 / x86_64 packages: # rpm -qa | grep -E '(qpid|openais|rhm)' | sort -u openais-0.80.6-8.el5_4.1 python-qpid-0.5.752581-4.el5 qpidc-0.5.752581-30.el5 qpidc-devel-0.5.752581-30.el5 qpidc-perftest-0.5.752581-30.el5 qpidc-rdma-0.5.752581-30.el5 qpidc-ssl-0.5.752581-30.el5 qpidd-0.5.752581-30.el5 qpidd-acl-0.5.752581-30.el5 qpidd-cluster-0.5.752581-30.el5 qpidd-devel-0.5.752581-30.el5 qpid-dotnet-0.4.738274-2.el5 qpidd-rdma-0.5.752581-30.el5 qpidd-ssl-0.5.752581-30.el5 qpidd-xml-0.5.752581-30.el5 qpid-java-client-0.5.751061-9.el5 qpid-java-common-0.5.751061-9.el5 rhm-0.5.3206-17.el5 rhm-docs-0.5.756148-1.el5 rh-tests-distribution-MRG-Messaging-qpid_common-1.5-15 ->VERIFIED Release note updated. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1 +1,8 @@ -Corrected problem with large messages causing hangs and crashes when using digest-md5 and security layer (ssf 128) (524664)+Messaging bug fix + +C: Large messages being sent while using digest-md5 and security layer +C: The broker would either hang or crash. +F: +R: + +NEED FURTHER INFO FOR RELNOTE. Release note updated. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -2,7 +2,7 @@ C: Large messages being sent while using digest-md5 and security layer C: The broker would either hang or crash. -F: -R: +F: added an encode buffer to the CyrusSecurityLayer class and encrypts the minimum of the encode buffer and the max input size. +R: crashes no longer happen when using MD5 mechanism on large messages. -NEED FURTHER INFO FOR RELNOTE.+When very large messages were sent using digest-md5 and a security layer, the broker would either hang or crash. An encode buffer was added to the CyrusSecurityLayer class, and crashes no longer occur. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-1633.html |