From b28dfb31bbb5dc7e28490a55487c43d590d29f8e Mon Sep 17 00:00:00 2001
From: bluhm
Date: Tue, 4 Jul 2017 15:52:26 +0000
Subject: [PATCH] It does not make sense to use ioctl(FIONREAD) with TLS as libtls has already read the buffer from kernel to user land. I have blindly copied this code from libevent for syslogd(8) TLS, remove it together with the bug. It caused hangs in ldapd(8). report, analysis, testing, OK Seiya Kawashima, Robert Klein, gsoares@
---
 usr.sbin/ldapd/evbuffer_tls.c | 17 +----------------
 usr.sbin/syslogd/evbuffer_tls.c | 17 +----------------
 2 files changed, 2 insertions(+), 32 deletions(-)
diff --git a/usr.sbin/ldapd/evbuffer_tls.c b/usr.sbin/ldapd/evbuffer_tls.c
index b7bbe3b4e4c..3ebf39eae7a 100644
--- a/usr.sbin/ldapd/evbuffer_tls.c
+++ b/usr.sbin/ldapd/evbuffer_tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evbuffer_tls.c,v 1.2 2017/03/03 20:26:23 bluhm Exp $ */
+/* $OpenBSD: evbuffer_tls.c,v 1.3 2017/07/04 15:52:26 bluhm Exp $ */
 /*
 * Copyright (c) 2002-2004 Niels Provos
@@ -298,21 +298,6 @@ evtls_read(struct evbuffer *buf, int fd, int howmuch, struct tls *ctx)
 size_t oldoff = buf->off;
 int n = EVBUFFER_MAX_READ;
- if (ioctl(fd, FIONREAD, &n) == -1 || n <= 0) {
- n = EVBUFFER_MAX_READ;
- } else if (n > EVBUFFER_MAX_READ && n > howmuch) {
- /*
- * It's possible that a lot of data is available for
- * reading. We do not want to exhaust resources
- * before the reader has a chance to do something
- * about it. If the reader does not tell us how much
- * data we should read, we artifically limit it.
- */
- if ((size_t)n > buf->totallen << 2)
- n = buf->totallen << 2;
- if (n < EVBUFFER_MAX_READ)
- n = EVBUFFER_MAX_READ;
- }
 if (howmuch < 0 || howmuch > n)
 howmuch = n;
diff --git a/usr.sbin/syslogd/evbuffer_tls.c b/usr.sbin/syslogd/evbuffer_tls.c
index dd212e12721..9a0f8daecf1 100644
--- a/usr.sbin/syslogd/evbuffer_tls.c
+++ b/usr.sbin/syslogd/evbuffer_tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evbuffer_tls.c,v 1.10 2017/03/03 20:26:23 bluhm Exp $ */
+/* $OpenBSD: evbuffer_tls.c,v 1.11 2017/07/04 15:52:26 bluhm Exp $ */
 /*
 * Copyright (c) 2002-2004 Niels Provos
@@ -298,21 +298,6 @@ evtls_read(struct evbuffer *buf, int fd, int howmuch, struct tls *ctx)
 size_t oldoff = buf->off;
 int n = EVBUFFER_MAX_READ;
- if (ioctl(fd, FIONREAD, &n) == -1 || n <= 0) {
- n = EVBUFFER_MAX_READ;
- } else if (n > EVBUFFER_MAX_READ && n > howmuch) {
- /*
- * It's possible that a lot of data is available for
- * reading. We do not want to exhaust resources
- * before the reader has a chance to do something
- * about it. If the reader does not tell us how much
- * data we should read, we artifically limit it.
- */
- if ((size_t)n > buf->totallen << 2)
- n = buf->totallen << 2;
- if (n < EVBUFFER_MAX_READ)
- n = EVBUFFER_MAX_READ;
- }
 if (howmuch < 0 || howmuch > n)
 howmuch = n;
-- 
2.20.1