Skip to content
This repository has been archived by the owner on Jan 15, 2025. It is now read-only.

openssl reads cert.pem in two-byte increments on Windows #786

Closed
joshcooper opened this issue Jan 30, 2024 · 5 comments
Closed

openssl reads cert.pem in two-byte increments on Windows #786

joshcooper opened this issue Jan 30, 2024 · 5 comments
Labels
bug Something isn't working triaged Jira issue has been created for this

Comments

@joshcooper
Copy link
Contributor

Describe the Bug

openssl shipped in the runtime inefficiently reads cert.pem on Windows. A simple puppet --version results in 116k calls to ReadFile with a two-byte buffer as can be seen from Process Monitor:

Process Monitor

Expected Behavior

It should use buffered reads

Steps to Reproduce

Steps to reproduce the behavior:

  1. Install puppet-agent 8.4.0
  2. Start process monitor and filter on process name ruby.exe
  3. Run puppet --version

Environment

C:\ProgramData\PuppetLabs>ruby --version
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x64-mingw32]

C:\ProgramData\PuppetLabs>openssl version
OpenSSL 3.0.12 24 Oct 2023 (Library: OpenSSL 3.0.12 24 Oct 2023)

C:\ProgramData\PuppetLabs>puppet --version
8.4.0

Additional Context

This might be a bug in upstream openssl 3.0.x. Need to check if puppet-agent 7.x/openssl 1.1.1 has the same issue.

@joshcooper joshcooper added the bug Something isn't working label Jan 30, 2024
@joshcooper
Copy link
Contributor Author

Can be reproduced using:

#include <openssl/ssl.h>

int main(int argc, char **argv)
{
    SSL_CTX* ctx = SSL_CTX_new(TLS_client_method());
    SSL_CTX_set_default_verify_file(ctx);
    return 0;
}

OpenSSL disabled file buffering when text mode is enabled: openssl/openssl#13190

To work around an issue in the UCRT: https://developercommunity.visualstudio.com/t/fseek-ftell-fail-in-text-mode-for-unix-style-text/425878

@joshcooper
Copy link
Contributor Author

I submitted openssl/openssl#24249

@AriaXLi
Copy link
Contributor

AriaXLi commented Oct 29, 2024

New PR: openssl/openssl#25716

@AriaXLi AriaXLi added the triaged Jira issue has been created for this label Jan 9, 2025
Copy link

github-actions bot commented Jan 9, 2025

Migrated issue to PA-7281

@AriaXLi
Copy link
Contributor

AriaXLi commented Jan 9, 2025

Closing this issue because puppet-runtime is being archived (see OSPTE-212)

@AriaXLi AriaXLi closed this as completed Jan 9, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Something isn't working triaged Jira issue has been created for this
Projects
None yet
Development

No branches or pull requests

2 participants