logstash-plugins / logstash-output-tcp

Apache License 2.0

socket.syswrite return value is not checked; sent data can be truncated #30

Closed zarmin closed 2 years ago

zarmin commented 7 years ago

Experiencing some issue using TLS. Payloads are truncated after exactly 16k.

TLS RFC sets the record size to 16k, so with one write only 16k can be written.

Small Ruby PoC to demonstrate:

```ruby
require 'socket'
require 'openssl'

context = OpenSSL::SSL::SSLContext.new
tcp_client = TCPSocket.new 'google.hu', 443
ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client, context
ssl_client.connect

payload = 'A' * (16 * 1024 + 123) # 16k + 123 byte

n = ssl_client.syswrite(payload)
puts "Payload size: #{payload.length}"
puts "Written bytes: #{n}"

ssl_client.close
```

output:

```
Payload size: 16507
Written bytes: 16384
```

airikh commented 3 years ago

I'm also experiencing message truncation with TLS enabled.

I noticed there are 2 open PRs around this issue. Are there plans to incorporate a fix in the near future?

Also, I found a commit in the Lumberjack-related code that fixed a similar issue: https://github.com/elastic/logstash-forwarder/pull/384

Thanks!

mashhurs commented 2 years ago

Version 6.1.1 of the plugin addresses this issue.
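
An added example, not part of the thread and not the plugin's own code: a write loop that checks the `syswrite` return value and resends the unwritten tail. `RecordLimitedSocket` and `write_all` are hypothetical names; the socket is a constructed stand-in that accepts at most 16 KiB per call, matching what the PoC in the first comment observed, and blocking I/O is assumed.

```ruby
# Constructed stand-in for a TLS socket: each syswrite call accepts at most
# one 16 KiB record and returns the number of bytes it actually took.
class RecordLimitedSocket
  MAX_RECORD = 16 * 1024
  attr_reader :received

  def initialize
    @received = String.new(encoding: Encoding::BINARY)
  end

  def syswrite(data)
    chunk = data.b.byteslice(0, MAX_RECORD)
    @received << chunk
    chunk.bytesize
  end
end

# Hypothetical helper: call syswrite until every byte has been accepted.
# Offsets are counted in bytes, so multi-byte UTF-8 payloads are handled.
def write_all(socket, payload)
  data = payload.b # binary copy; bytesize and byteslice now agree
  offset = 0
  while offset < data.bytesize
    written = socket.syswrite(data.byteslice(offset, data.bytesize - offset))
    # A zero or nil return would loop forever; treat it as a failed write.
    raise IOError, 'syswrite made no progress' if written.nil? || written <= 0
    offset += written
  end
  offset
end

payload = 'A' * (16 * 1024 + 123) # same size as the PoC payload

# Return value ignored: the tail beyond the first record is silently dropped.
unchecked = RecordLimitedSocket.new
unchecked.syswrite(payload)
puts "unchecked: #{unchecked.received.bytesize} of #{payload.bytesize} bytes delivered"

# Return value checked: the remainder is sent in a second call.
checked = RecordLimitedSocket.new
total = write_all(checked, payload)
puts "checked:   #{total} of #{payload.bytesize} bytes delivered"
```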