Skip to content

[fix](mysql) Fix SSL unwrap infinite loop on handshake failure #57364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gavinchou merged 2 commits into from
Nov 1, 2025
Merged

[fix](mysql) Fix SSL unwrap infinite loop on handshake failure #57364

gavinchou merged 2 commits into from
Nov 1, 2025

Conversation

@Yukang-Lian
Copy link
Collaborator

@Yukang-Lian Yukang-Lian commented Oct 27, 2025

What problem does this PR solve?

Issue Number: close #xxx

Related PR: #xxx

Problem Summary:

Release note

None

Check List (For Author)

  • Test

    • Regression test
    • Unit Test
    • Manual test (add detailed scripts or steps below)
    • No need to test or manual test. Explain why:
      • This is a refactor/code format and no logic has been changed.
      • Previous test can cover this change.
      • No code files have been changed.
      • Other reason

  • Behavior changed:

    • No.
    • Yes.

  • Does this need documentation?

    • No.
    • Yes.

Check List (For Reviewer who merge this PR)

  • Confirm the release note
  • Confirm test cases
  • Confirm document
  • Add branch pick label

@Thearas
Copy link
Contributor

Thearas commented Oct 27, 2025

Thank you for your contribution to Apache Doris.
Don't know what should be done next? See How to process your PR.

Please clearly describe your PR:

  1. What problem was fixed (it's best to include specific error reporting information). How it was fixed.
  2. Which behaviors were modified. What was the previous behavior, what is it now, why was it modified, and what possible impacts might there be.
  3. What features were added. Why was this function added?
  4. Which code was refactored and why was this part of the code refactored?
  5. Which functions were optimized and what is the difference before and after the optimization?

@dataroaring
Copy link
Contributor

dataroaring commented Oct 27, 2025

run buildall

@doris-robot
Copy link

doris-robot commented Oct 27, 2025

TPC-DS: Total hot run time: 188085 ms 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpcds-tools
TPC-DS sf100 test result on commit b263b7e6d7362d936c89eff8a112f86c09339246, data reload: false

query1	1075	446	403	403
query2	6564	1695	1704	1695
query3	6766	217	219	217
query4	26528	24088	23065	23065
query5	4935	648	486	486
query6	364	254	237	237
query7	4658	498	322	322
query8	359	284	279	279
query9	8748	2611	2618	2611
query10	544	352	286	286
query11	15385	15104	14894	14894
query12	201	121	120	120
query13	1723	593	443	443
query14	12678	9181	9195	9181
query15	269	200	183	183
query16	7878	721	512	512
query17	1611	797	686	686
query18	2160	455	378	378
query19	314	227	215	215
query20	141	127	134	127
query21	232	156	127	127
query22	4854	4822	4524	4524
query23	34879	33969	33950	33950
query24	8216	2464	2567	2464
query25	647	536	478	478
query26	1239	290	165	165
query27	2879	523	377	377
query28	4299	2271	2244	2244
query29	949	666	514	514
query30	305	242	227	227
query31	936	840	783	783
query32	80	80	78	78
query33	631	395	348	348
query34	849	882	559	559
query35	853	902	790	790
query36	992	1044	947	947
query37	141	118	92	92
query38	3756	3668	3700	3668
query39	1514	1440	1405	1405
query40	217	125	120	120
query41	60	56	59	56
query42	123	106	113	106
query43	479	496	461	461
query44	1206	753	734	734
query45	179	182	171	171
query46	898	982	633	633
query47	1789	1806	1797	1797
query48	388	436	321	321
query49	772	520	425	425
query50	641	685	408	408
query51	3990	3962	3972	3962
query52	106	106	98	98
query53	244	271	194	194
query54	603	592	536	536
query55	95	87	88	87
query56	326	318	313	313
query57	1186	1190	1123	1123
query58	290	299	287	287
query59	2570	2623	2553	2553
query60	368	344	336	336
query61	160	156	153	153
query62	801	721	662	662
query63	233	197	190	190
query64	4422	1149	850	850
query65	4048	3962	3943	3943
query66	1087	424	329	329
query67	15413	15497	15103	15103
query68	8874	941	607	607
query69	477	328	292	292
query70	1372	1356	1278	1278
query71	504	332	324	324
query72	5825	4936	2578	2578
query73	712	583	361	361
query74	9041	9134	8587	8587
query75	4074	3284	2813	2813
query76	3522	1134	732	732
query77	771	406	311	311
query78	9741	9687	8846	8846
query79	2107	831	608	608
query80	674	595	510	510
query81	492	261	233	233
query82	444	167	136	136
query83	299	271	262	262
query84	300	121	105	105
query85	923	492	460	460
query86	338	305	301	301
query87	3753	3724	3656	3656
query88	2910	2308	2289	2289
query89	404	330	310	310
query90	1952	234	211	211
query91	170	168	137	137
query92	84	69	68	68
query93	1176	975	658	658
query94	689	453	346	346
query95	409	330	327	327
query96	491	604	282	282
query97	2968	3003	2874	2874
query98	231	214	208	208
query99	1485	1382	1344	1344
Total cold run time: 281058 ms
Total hot run time: 188085 ms

@doris-robot
Copy link

doris-robot commented Oct 27, 2025

ClickBench: Total hot run time: 28.28 s 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/clickbench-tools
ClickBench test result on commit b263b7e6d7362d936c89eff8a112f86c09339246, data reload: false

query1	0.05	0.05	0.05
query2	0.09	0.05	0.06
query3	0.25	0.09	0.09
query4	1.61	0.12	0.12
query5	0.27	0.28	0.25
query6	1.18	0.67	0.66
query7	0.03	0.03	0.03
query8	0.06	0.04	0.04
query9	0.62	0.52	0.53
query10	0.57	0.59	0.58
query11	0.16	0.11	0.12
query12	0.15	0.12	0.13
query13	0.63	0.61	0.61
query14	1.00	1.03	1.01
query15	0.89	0.83	0.83
query16	0.41	0.39	0.39
query17	1.02	1.05	1.02
query18	0.21	0.20	0.19
query19	1.88	1.84	1.78
query20	0.02	0.01	0.02
query21	15.81	0.21	0.13
query22	5.53	0.06	0.05
query23	15.70	0.25	0.10
query24	2.34	1.12	1.16
query25	0.09	0.07	0.05
query26	0.14	0.12	0.14
query27	0.08	0.05	0.05
query28	6.09	1.17	0.92
query29	12.61	3.98	3.28
query30	0.28	0.14	0.11
query31	2.82	0.61	0.38
query32	3.23	0.56	0.47
query33	3.07	3.09	3.11
query34	15.87	5.21	4.56
query35	4.57	4.60	4.54
query36	0.69	0.51	0.49
query37	0.10	0.07	0.06
query38	0.06	0.04	0.03
query39	0.04	0.03	0.03
query40	0.17	0.15	0.14
query41	0.08	0.03	0.03
query42	0.04	0.03	0.03
query43	0.04	0.04	0.04
Total cold run time: 100.55 s
Total hot run time: 28.28 s

@hello-stephen
Copy link
Contributor

hello-stephen commented Oct 27, 2025

FE UT Coverage Report

Increment line coverage 0.00% (0/40) 🎉
Increment coverage report
Complete coverage report

@hello-stephen
Copy link
Contributor

hello-stephen commented Oct 27, 2025

FE Regression Coverage Report

Increment line coverage 17.50% (7/40) 🎉
Increment coverage report
Complete coverage report

@Yukang-Lian
Copy link
Collaborator Author

Yukang-Lian commented Oct 29, 2025

run buildall

@hello-stephen
Copy link
Contributor

hello-stephen commented Oct 29, 2025

FE Regression Coverage Report

Increment line coverage 47.86% (56/117) 🎉
Increment coverage report
Complete coverage report

gavinchou
gavinchou previously approved these changes Oct 29, 2025
View reviewed changes
@github-actions github-actions bot added the approved Indicates a PR has been approved by one committer. label Oct 29, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Oct 29, 2025

PR approved by at least one committer and no changes requested.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 29, 2025

PR approved by anyone and no changes requested.

koarz
koarz reviewed Oct 29, 2025
View reviewed changes
fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java Outdated
result.limit(result.position() + packetLen);
readLen = readAll(result, false);
if (isSslMode && remainingBuffer.position() == 0 && result.hasRemaining()) {
if (isSslMode && !isSslHandshaking && remainingBuffer.position() == 0 && result.hasRemaining()) {
Copy link
Contributor

@koarz koarz Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i noticed

public void setSslMode(boolean sslMode) {
    isSslMode = sslMode;
    if (isSslMode) {
        // channel in ssl mode means handshake phase has finished.
        isSslHandshaking = false;
    }
}

Is it necessary to add this check?

koarz
koarz reviewed Oct 29, 2025
View reviewed changes
fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java Outdated
if (sslEngine == null) {
return;
}
boolean previousHandshaking = isSslHandshaking;
Copy link
Contributor

@koarz koarz Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same situation,before completeHandshake execute,the isSslMode == true

@github-actions github-actions bot removed the approved Indicates a PR has been approved by one committer. label Oct 30, 2025
@github-actions github-actions bot added the approved Indicates a PR has been approved by one committer. label Oct 31, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Oct 31, 2025

PR approved by at least one committer and no changes requested.

@gavinchou gavinchou self-requested a review November 1, 2025 10:42
@gavinchou
Copy link
Contributor

gavinchou commented Nov 1, 2025

run buildall

@doris-robot
Copy link

doris-robot commented Nov 1, 2025

TPC-DS: Total hot run time: 189911 ms 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpcds-tools
TPC-DS sf100 test result on commit 4ad1f7ecaa3244b34813f553e06da66872f5f32b, data reload: false

query1	1070	398	385	385
query2	6599	1670	1684	1670
query3	6756	226	217	217
query4	26396	23681	23450	23450
query5	4922	632	462	462
query6	354	244	238	238
query7	4661	502	303	303
query8	302	260	250	250
query9	8732	2598	2586	2586
query10	518	368	296	296
query11	15596	15103	14769	14769
query12	195	117	111	111
query13	1672	559	427	427
query14	11597	9104	9230	9104
query15	202	192	175	175
query16	7724	719	501	501
query17	1313	761	651	651
query18	2040	457	382	382
query19	259	299	212	212
query20	153	157	141	141
query21	226	146	127	127
query22	4890	4801	4708	4708
query23	34801	33759	34018	33759
query24	9051	2567	2546	2546
query25	636	580	522	522
query26	1422	314	170	170
query27	3026	563	376	376
query28	4474	2282	2242	2242
query29	851	713	546	546
query30	296	235	204	204
query31	953	881	876	876
query32	80	69	71	69
query33	606	394	352	352
query34	814	865	514	514
query35	814	819	731	731
query36	952	983	906	906
query37	125	107	78	78
query38	3604	3520	3467	3467
query39	1467	1419	1382	1382
query40	221	126	117	117
query41	59	56	56	56
query42	119	107	109	107
query43	480	504	488	488
query44	1199	729	739	729
query45	178	178	166	166
query46	875	984	633	633
query47	1754	1813	1727	1727
query48	406	439	320	320
query49	795	487	424	424
query50	639	683	402	402
query51	3873	4013	3860	3860
query52	109	105	100	100
query53	232	263	191	191
query54	303	303	275	275
query55	83	82	79	79
query56	364	309	301	301
query57	1188	1183	1128	1128
query58	277	270	262	262
query59	2555	2669	2625	2625
query60	346	342	313	313
query61	157	155	155	155
query62	782	708	681	681
query63	226	188	185	185
query64	4446	1179	878	878
query65	4032	3952	3945	3945
query66	1094	441	334	334
query67	15359	15045	14933	14933
query68	8639	898	595	595
query69	489	333	296	296
query70	1372	1328	1222	1222
query71	510	347	319	319
query72	5982	4960	4845	4845
query73	707	577	359	359
query74	8865	9223	8992	8992
query75	3977	3342	2823	2823
query76	3871	1180	729	729
query77	808	412	311	311
query78	9517	9701	8974	8974
query79	2189	822	595	595
query80	632	554	494	494
query81	508	260	231	231
query82	467	156	130	130
query83	271	262	240	240
query84	259	116	89	89
query85	920	476	441	441
query86	396	325	293	293
query87	3762	3783	3642	3642
query88	3810	2271	2256	2256
query89	393	324	297	297
query90	1931	230	227	227
query91	169	174	135	135
query92	80	70	62	62
query93	1694	1007	637	637
query94	712	420	340	340
query95	400	319	319	319
query96	503	555	280	280
query97	2939	3007	2884	2884
query98	240	216	208	208
query99	1337	1416	1327	1327
Total cold run time: 280649 ms
Total hot run time: 189911 ms

@doris-robot
Copy link

doris-robot commented Nov 1, 2025

ClickBench: Total hot run time: 27.84 s 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/clickbench-tools
ClickBench test result on commit 4ad1f7ecaa3244b34813f553e06da66872f5f32b, data reload: false

query1	0.06	0.05	0.05
query2	0.10	0.05	0.05
query3	0.25	0.08	0.08
query4	1.60	0.12	0.11
query5	0.27	0.27	0.26
query6	1.16	0.66	0.63
query7	0.04	0.03	0.03
query8	0.06	0.04	0.04
query9	0.59	0.51	0.51
query10	0.58	0.57	0.56
query11	0.16	0.11	0.12
query12	0.15	0.13	0.13
query13	0.62	0.60	0.60
query14	1.01	1.00	1.00
query15	0.85	0.84	0.83
query16	0.40	0.39	0.40
query17	1.02	1.03	1.02
query18	0.22	0.20	0.23
query19	1.92	1.80	1.82
query20	0.01	0.01	0.02
query21	15.44	0.19	0.14
query22	5.08	0.06	0.04
query23	15.68	0.26	0.10
query24	3.09	0.56	0.85
query25	0.08	0.06	0.06
query26	0.15	0.14	0.14
query27	0.06	0.05	0.06
query28	4.77	1.15	0.93
query29	12.69	4.04	3.36
query30	0.29	0.14	0.11
query31	2.81	0.60	0.38
query32	3.23	0.55	0.48
query33	3.09	3.04	3.07
query34	16.01	5.20	4.58
query35	4.54	4.59	4.59
query36	0.68	0.50	0.49
query37	0.10	0.07	0.07
query38	0.06	0.04	0.04
query39	0.04	0.02	0.02
query40	0.17	0.15	0.15
query41	0.09	0.03	0.04
query42	0.03	0.03	0.03
query43	0.04	0.04	0.04
Total cold run time: 99.29 s
Total hot run time: 27.84 s

@hello-stephen
Copy link
Contributor

hello-stephen commented Nov 1, 2025

FE Regression Coverage Report

Increment line coverage 36.67% (11/30) 🎉
Increment coverage report
Complete coverage report

@gavinchou gavinchou merged commit c757cb8 into apache:master Nov 1, 2025
29 of 30 checks passed
github-actions bot pushed a commit that referenced this pull request Nov 1, 2025
@Yukang-Lian
[fix](mysql) Fix SSL unwrap infinite loop on handshake failure (#57364)
547bae0
@github-actions github-actions bot mentioned this pull request Nov 1, 2025
Merged
github-actions bot pushed a commit that referenced this pull request Nov 1, 2025
@Yukang-Lian
[fix](mysql) Fix SSL unwrap infinite loop on handshake failure (#57364)
cbff3d6
@github-actions github-actions bot mentioned this pull request Nov 1, 2025
Merged
yiguolei pushed a commit that referenced this pull request Nov 3, 2025
@github-actions @Yukang-Lian
branch-4.0: [fix](mysql) Fix SSL unwrap infinite loop on handshake fa…
65f24e7 
…ilure #57364 (#57600)

Cherry-picked from #57364

Co-authored-by: abmdocrt <lianyukang@selectdb.com>
morrySnow pushed a commit that referenced this pull request Nov 3, 2025
@github-actions @Yukang-Lian
branch-3.1: [fix](mysql) Fix SSL unwrap infinite loop on handshake fa…
39ee469 
…ilure #57364 (#57599)

Cherry-picked from #57364

Co-authored-by: abmdocrt <lianyukang@selectdb.com>
yiguolei pushed a commit to yiguolei/incubator-doris that referenced this pull request Dec 30, 2025
@selectdb-robot @Yukang-Lian
branch-selectdb-doris-3.0: [fix](mysql) Fix SSL unwrap infinite loop …
94b84e1 
…on handshake failure apache#57364 (apache#5763)

cherry-picks from apache#57364
Related to apache#5448

Co-authored-by: abmdocrt <lianyukang@selectdb.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gavinchou gavinchou gavinchou approved these changes

+1 more reviewer

@koarz koarz koarz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by one committer. dev/3.1.3-merged dev/4.0.1-merged reviewed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@Yukang-Lian @Thearas @dataroaring @doris-robot @hello-stephen @gavinchou @koarz @yiguolei @morrySnow