[cl-plus-ssl-devel] Possible bug in test-https-server (2008-11-04)

John McAleely john at mcaleely.com
Sat Jan 17 14:49:41 UTC 2009 

All,

I've recently tried to use CL+SSL on CCL (Clozure Common Lisp Version  
1.2-r9226-RC1).

When I loaded cl+ssl (the latest tarball, 2008-11004) and its various  
dependencies (whatever was latest on the web), I tried to load and run  
the samples in example.lisp

(ssl-test::test-https-client)

works fine, and produces useful output. However,

(ssl-test::test-https-server)

almost works, but fails to return output to the connecting browser:


? (ssl-test::test-https-server)
SSL server listening on port 8080
HTTPS> GET / HTTP/1.1
HTTPS> User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6;
en-us) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/
525.27.1
HTTPS> Accept: text/xml,application/xml,application/xhtml+xml,text/
html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
HTTPS> Accept-Language: en-us
HTTPS> Accept-Encoding: gzip, deflate
HTTPS> Connection: keep-alive
HTTPS> Host: debian-lisp.local:8080
> Error: An I/O error occurred: undocumented reason. (return code:
5)SSL error queue:
>
> While executing: CL+SSL::SSL-SIGNAL-ERROR, in process listener(1).
> Type :POP to abort, :R for a list of available restarts.
> Type :? for other options.
1 > :b
  (2AAAAACBB848) : 0 (SSL-SIGNAL-ERROR #<A Foreign Pointer #x684B70>
#<Compiled-function CL+SSL::SSL-WRITE #x300040FEF01F> 5 -1) 397
  (2AAAAACBB880) : 1 (FUNCALL #'#<#<STANDARD-METHOD STREAM-FORCE-
OUTPUT (CL+SSL::SSL-STREAM)>> #<SSL-SERVER-STREAM for 6>) 1037
  (2AAAAACBB908) : 2 (FORCE-OUTPUT [...]) 69
  (2AAAAACBB920) : 3 (FUNCALL #'#<#<STANDARD-METHOD CLOSE (CL+SSL::SSL-
STREAM)>> #<SSL-SERVER-STREAM for 6> [...]) 157
  (2AAAAACBB950) : 4 (%%CHECK-KEYWORDS #(1 #(:ABORT) #<METHOD-FUNCTION
CLOSE #>) 5864062285622) 245
  (2AAAAACBB9D0) : 6 (%%CHECK-KEYWORDS #(1 #(:ABORT) #<METHOD-FUNCTION
CLOSE #>) 5864062285637) 245
  (2AAAAACBBA38) : 8 (TEST-HTTPS-SERVER [...]) 557

(other items from stack trimmed for brevity)

Investigation by myself and Gary Byers on the openmcl-dev mailing list  
suggests that the underlying cause is that the test server is trying  
to write its output via a handle it has already closed. No output is  
attempted until the close triggers some sort of flush. Looking at the  
source:

      (let* ((socket (trivial-sockets:accept-connection
		      server
		      :element-type '(unsigned-byte 8)))
	     (client (cl+ssl:make-ssl-server-stream
		      (cl+ssl:stream-fd socket)
		      :external-format :iso-8859-1
		      :certificate cert
		      :key key)))

<snip>

	  (close socket)  ; possibly closing the shared fd
	  (close client)  ; possibly forcing output to the closed fd

It looks like it closes socket before client, yet client depends on  
socket for the server to return data to the browser.

If I swap the order of the close calls:

	  (close client)
	  (close socket)

All is well, and the test server returns a page to the browser.

I had a look at the CVS, to see if this was some sort of recent  
change, but the web interface befuddled me, and I couldn't see history  
for the example.lisp file.

Is this a bug? Or is there something amiss with my lisp config/ 
dependencies, etc?

J

More information about the cl-plus-ssl-devel mailing list