Bug #72108 for perl-ldap: With LDAPS, select is not enough to see if data remains on an SSL socket

RT for rt.cpan.org

This queue is for tickets about the perl-ldap CPAN distribution.

Report information

The Basics

Id:	72108
Status:	resolved
Priority:	0/
Queue:	perl-ldap

People

Owner:	Nobody in particular
Requestors:	cbratcher [...] barracuda.com
Cc:
AdminCc:

Bug Information

Severity:	Important
Broken in:	0.43
Fixed in:	0.45

History Show all quoted text

Tue Nov 01 19:29:15 2011 https://www.google.com/accounts/o8/id?id=AItOawnhY1OPbN8MX5dQGUIqQTITc0nCyqI-hwY - Ticket created

Subject:

With LDAPS, select is not enough to see if data remains on an SSL socket

Net::LDAP supports non-blocking IO using select(2). It also supports LDAPS by using IO::Socket::SSL. The problem is that select(2) isn't enough to see if there is any data on an SSL socket - one must also check if there is any pending data in the SSL buffer that was already read from the socket. - ZL

Tue Nov 01 19:31:11 2011 https://www.google.com/accounts/o8/id?id=AItOawnhY1OPbN8MX5dQGUIqQTITc0nCyqI-hwY - Correspondence added

From:

cbratcher [...] barracuda.com

Patch attached.

Subject:

net_ldap_ssl_nonblocking.patch

--- Net/LDAP.pm 2011-09-03 10:50:34.000000000 -0700 +++ Net/LDAP.pm 2011-11-01 15:39:49.000000000 -0700 @@ -838,7 +834,7 @@ my $sel = IO::Select->new($sock); my $ready; - for( $ready = 1 ; $ready ; $ready = $sel->can_read(0)) { + for( $ready = 1 ; $ready ; $ready = $sel->can_read(0) || (ref($sock) eq 'IO::Socket::SSL' && $sock->pending())) { my $pdu; asn_read($sock, $pdu) or return _drop_conn($ldap, LDAP_OPERATIONS_ERROR, "Communications Error");

Tue Nov 01 19:31:13 2011 The RT System itself - Status changed from 'new' to 'open'

Thu May 17 12:28:01 2012 MARSCHAP [...] cpan.org - Status changed from 'open' to 'patched'

Sun Sep 16 10:57:45 2012 MARSCHAP [...] cpan.org - Status changed from 'patched' to 'resolved'

Sun Sep 16 10:57:45 2012 MARSCHAP [...] cpan.org - Fixed in 0.45 added