Roxen.git/ server/ protocols/ http.pike

Branch: Tag:

2007-03-09

2007-03-09 21:30:39 by Martin Stjernholm <mast@lysator.liu.se>

Avoid leaking fd's when clients open ssl connections and close them
immediately again.

Rev: server/protocols/http.pike:1.518
Rev: server/protocols/prot_https.pike:2.15

2:   // Modified by Francesco Chemolli to add throttling capabilities.   // Copyright © 1996 - 2004, Roxen IS.    - constant cvs_version = "$Id: http.pike,v 1.517 2007/02/27 09:08:18 noring Exp $"; + constant cvs_version = "$Id: http.pike,v 1.518 2007/03/09 21:30:38 mast Exp $";   // #define REQUEST_DEBUG   #define MAGIC_ERROR   
996: Inside #if defined(DEBUG)
   if (mixed err = catch (my_fd->close())) {   #ifdef DEBUG    report_debug ("Failed to close http(s) connection: " + -  describe_error (err)); +  describe_backtrace (err));   #endif    }    my_fd = 0;
1069:    data_buffer = 0;    pipe = 0;    -  // Avoid that the fd is closed by disconnect() - the write direction -  // might still want to use it. We rely on refcount garbing instead. +  // Zero my_fd to avoid that the fd is closed by disconnect() - the +  // write direction might still want to use it. We rely on refcount +  // garbing instead, which means we must be careful about +  // deinstalling callbacks (they might not point to this object in +  // all cases).    // -  // FIXME: sslfile's might not close nicely if they're refcount -  // garbed. +  // http_fallback.ssl_alert_callback also counts on that my_fd +  // doesn't get closed since it calls this close callback and then +  // passes the connection on to fallback_redirect_request. +  my_fd->set_read_callback (0); +  my_fd->set_close_callback (0); +  if (my_fd->set_alert_callback) { +  // Ugly hack in case of an ssl connection: Zero the alert and +  // accept callbacks too. They are set by the http_fallback in +  // prot_https.pike. It normally ensures that they get zeroed too +  // after a successful connect or http redirect, but if the client +  // drops the connection very early, before either path has been +  // taken, we get here directly. (http_fallback can't wrap close_cb +  // since it's installed afterwards.) +  my_fd->set_alert_callback (0); +  my_fd->set_accept_callback (0); +  }    my_fd = 0;       disconnect();