-
Notifications
You must be signed in to change notification settings - Fork 497
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to create SSL context #959
Comments
@gtaban @shmuelk On that commit, the problem goes away with commenting out this line that was added in that commit. However, commenting out that same line on master does not fix the issue. So it looks like some other changes since then makes the problem reappear. Further investigation is needed to find out how this should be properly fixed. |
@navneet thanks for the research work. @billabt I did an additional test here, after you pointed out to me that SSL on Kitura 1.2 works and fails on later versions. I commented out line 1305 in Socket.swift (self.delegate?.deinitialize() ). This is in the function deinit of Socket.swift. After commenting out that line of code SSL works. I believe the problem is in the deinitialization of SLLService instances somehow, or somehow they are being shared across Socket instances. |
…Delegate method BEFORE closing the Socket as part of the close() method, not the deinit(). In SSLService, commented out the cleanup of OpenSSL error strings and EVP due to issues discovered in the latest OpenSSL version.
…Delegate method BEFORE closing the Socket as part of the close() method, not the deinit(). In SSLService, commented out the cleanup of OpenSSL error strings and EVP due to issues discovered in the latest OpenSSL version.
Fixed in BlueSocket v0.12.18 and BlueSSLService v0.12.12. |
@billabt Thanks. That fixes the problem for the most part. But in some new unit tests I added in branch 962, there is a new failure:
It seems to occur in this line: |
Did you set a breakpoint in malloc_error_break? If not, can you try the test again with that breakpoint set and then post the stack trace? |
There's actually no freeing of buffers taking place anywhere in this section of code. It's possible that it's happening inside SSLWrite itself or just prior to it... The stack trace should give us a clue. |
@billabt Here is the stack trace: |
@billabt Turns out this was caused by a bug in Kitura where it was calling Socket.write() after calling Socket.close() in some circumstances. I will put in a fix for Kitura. It may be worthwhile to put in a check for this in Socket and/or SSLService as well. |
@keshavakarthik Please try again with the fixes in Kitura 1.6 |
With Kitura (.Package(url: "https://github.com/IBM-Swift/Kitura", majorVersion: 1, minor: 4)) adding SSL Support ( Self-Signed ) giving the error
"Error accepting client connection: Error code: 12, ERROR: Unable to create SSL context."
Whereas the same code is working fine with Kitura Version (Package(url: "https://github.com/IBM-Swift/Kitura.git", majorVersion: 1, minor: 0))
The text was updated successfully, but these errors were encountered: