[pkg-remote-commits] [xrdp] 02/03: Fix high CPU load on ssl_tls_accept.

Dominik George natureshadow-guest at moszumanska.debian.org
Fri Dec 15 18:40:06 UTC 2017 

This is an automated email from the git hooks/post-receive script.

natureshadow-guest pushed a commit to branch stretch
in repository xrdp.

commit 893c0648170e48d4a0beb642014b7f575b8445dd
Author: Dominik George <nik at naturalnet.de>
Date:   Fri Dec 15 19:28:41 2017 +0100

    Fix high CPU load on ssl_tls_accept.
---
 debian/changelog                         |  3 ++-
 debian/patches/fix-ssl-accept-load.patch | 23 +++++++++++++++++++++++
 debian/patches/series                    |  1 +
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 422df4c..57a1543 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,9 @@
 xrdp (0.9.1-9+deb9u2) stretch; urgency=medium
 
   * Fix CVE-2017-16927. (Closes: #882463)
+  * Fix high CPU load on ssl_tls_accept. (Closes: #884453)
 
- -- Dominik George <nik at naturalnet.de>  Fri, 15 Dec 2017 02:05:40 +0100
+ -- Dominik George <nik at naturalnet.de>  Fri, 15 Dec 2017 19:28:28 +0100
 
 xrdp (0.9.1-9+deb9u1) stretch; urgency=medium
 
diff --git a/debian/patches/fix-ssl-accept-load.patch b/debian/patches/fix-ssl-accept-load.patch
new file mode 100644
index 0000000..10e9e21
--- /dev/null
+++ b/debian/patches/fix-ssl-accept-load.patch
@@ -0,0 +1,23 @@
+From: jsorg71
+Subject: Avoid 100% CPU load on ssl_tls_accept
+Origin: https://github.com/neutrinolabs/xrdp/commit/a9eb21e6d73d94989dc0fa221824b0625b37b7aa.diff
+Bug: https://github.com/neutrinolabs/xrdp/issues/954
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884453
+--- a/common/ssl_calls.c
++++ b/common/ssl_calls.c
+@@ -726,6 +726,15 @@ ssl_tls_accept(struct ssl_tls *self, int
+              *     SSL_ERROR_WANT_READ
+              *     SSL_ERROR_WANT_WRITE
+              */
++            switch (SSL_get_error(self->ssl, connection_status))
++            {
++                case SSL_ERROR_WANT_READ:
++                    g_sck_can_recv(self->trans->sck, SSL_WANT_READ_WRITE_TIMEOUT);
++                    break;
++                case SSL_ERROR_WANT_WRITE:
++                    g_sck_can_send(self->trans->sck, SSL_WANT_READ_WRITE_TIMEOUT);
++                    break;
++            }
+         }
+         else
+         {
diff --git a/debian/patches/series b/debian/patches/series
index ca1ecfd..b67f8ba 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@ highres.diff
 cve-2017-6967.diff
 fix-876976.patch
 cve-2017-16927.patch
+fix-ssl-accept-load.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-remote/xrdp.git

More information about the pkg-remote-commits mailing list