cURL / Mailing Lists / curl-library / Single Mail

curl-library

proposed patch to ssluse.c to fix sockets hanging in close_wait forever

From: Mike Giancola <mikegiancola_at_gmail.com>
Date: Wed, 22 May 2013 09:27:57 -0400

Hi All,

We have an application that uses the curl multi interface. We found that in
specific cases if the connection is abruptly closed, the underlying socket
is listed in a close_wait state. We continue to call the
curl_multi_perform, curl_mutli_fdset etc. None of these APIs report the
socket closed / connection finished. Since we have cases where the multi
connection is only used once, this can pose a problem for us. I've read
that if another connection was to come in, curl would see the socket as bad
and attempt to close it at that time - unfortunately, this does not work
for us.

What I've found is that in specific situations, if SSL_write returns 0,
curl does not recognize the socket as closed (or errored out) and does not
report it to the application. I believe we need to change the code
slightly, to check if ssl_write returns 0. If so, treat it as an error -
the same as a negative return code.

For OpenSSL - the ssl_write documentation is here:
http://www.openssl.org/docs/ssl/SSL_write.html

My proposed patch is below.

Thanks!

Mike

diff --git a/lib/ssluse.c b/lib/ssluse.c****

index 22d8bcb..248c403 100644****

--- a/lib/ssluse.c****

+++ b/lib/ssluse.c****

@@ -2645,7 +2654,14 @@ static ssize_t ossl_send(struct connectdata *conn,***
*

memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len;****

rc = SSL_write(conn->ssl[sockindex].handle, mem, memlen);****

****

- if(rc < 0) {****

+ /* need to make sure that if ssl_write returns any error we note it****

+ * according to open ssl documentation if ssl_write returns 0 it means**
**

+ * "The write operation was not successful. Probably the underlying
connection was closed."****

+ * We noticed some cases where if an abnormal disconnect occurs, a
socket would get stuck****

+ * in a "close_wait" state.****

+ * http://www.openssl.org/docs/ssl/SSL_write.html****

+ */****

+ if(rc <= 0) {****

err = SSL_get_error(conn->ssl[sockindex].handle, rc);****

****

switch(err) {

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-05-22

This message: [ Message body ]
Next message: narayanan manikandan: "Random proxy authentication error in windows"
Previous message: Ben Thomas: "cURL SFTP upload speed only 50% compared to command line SFTP"
Next in thread: Daniel Stenberg: "Re: proposed patch to ssluse.c to fix sockets hanging in close_wait forever"
Reply: Daniel Stenberg: "Re: proposed patch to ssluse.c to fix sockets hanging in close_wait forever"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]