Browse code
c-rest-engine: Fixing fd leak due to SSL handshake failure
Change-Id: Id5732b9cad448bff62a651b7cb591173749280f2
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5143
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
Kumar Kaushik authored on 2018/05/10 07:51:31Showing 2 changed files
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Name: c-rest-engine |
| 2 | 2 |
Summary: minimal http(s) server library |
| 3 | 3 |
Version: 1.2 |
| 4 |
-Release: 2%{?dist}
|
|
| 4 |
+Release: 3%{?dist}
|
|
| 5 | 5 |
Group: Applications/System |
| 6 | 6 |
Vendor: VMware, Inc. |
| 7 | 7 |
License: Apache 2.0 |
| ... | ... |
@@ -13,6 +13,7 @@ Source0: %{name}-%{version}.tar.gz
|
| 13 | 13 |
Patch0: c-rest-engine-aarch64.patch |
| 14 | 14 |
Patch1: c-rest-engine-fix-log-file-len.patch |
| 15 | 15 |
Patch2: preprocess-timeout.patch |
| 16 |
+Patch3: fd_leak.patch |
|
| 16 | 17 |
%define sha1 c-rest-engine=25aa9d1f2680e26114dee18365c510692552f8e4 |
| 17 | 18 |
|
| 18 | 19 |
%description |
| ... | ... |
@@ -33,6 +34,7 @@ development libs and header files for c-rest-engine |
| 33 | 33 |
%patch0 -p1 |
| 34 | 34 |
%patch1 -p1 |
| 35 | 35 |
%patch2 -p1 |
| 36 |
+%patch3 -p1 |
|
| 36 | 37 |
|
| 37 | 38 |
%build |
| 38 | 39 |
cd build |
| ... | ... |
@@ -66,6 +68,8 @@ find %{buildroot} -name '*.la' -delete
|
| 66 | 66 |
# %doc ChangeLog README COPYING |
| 67 | 67 |
|
| 68 | 68 |
%changelog |
| 69 |
+* Wed May 08 2018 Kumar Kaushik <kaushikk@vmware.com> 1.2-3 |
|
| 70 |
+- Appying patch for fd leak issue. |
|
| 69 | 71 |
* Fri Feb 23 2018 Kumar Kaushik <kaushikk@vmware.com> 1.2-2 |
| 70 | 72 |
- Appying patch for preprocess timeout. |
| 71 | 73 |
* Wed Feb 14 2018 Kumar Kaushik <kaushikk@vmware.com> 1.2-1 |
| 72 | 74 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,93 @@ |
| 0 |
+From 71654c6fbe669c98c6c8a27cd425713eb916642a Mon Sep 17 00:00:00 2001 |
|
| 1 |
+From: Kumar Kaushik <kaushikk@vmware.com> |
|
| 2 |
+Date: Wed, 9 May 2018 12:27:33 -0700 |
|
| 3 |
+Subject: [PATCH] Fixing file descriptor leak in case of SSL_accept failure |
|
| 4 |
+ |
|
| 5 |
+Change-Id: If5632e67da7843d7aa7ac48f1363dc58bbea2acb |
|
| 6 |
+--- |
|
| 7 |
+ transport/posix/socket.c | 43 ++++++++++++++++++++++++------------------- |
|
| 8 |
+ 1 file changed, 24 insertions(+), 19 deletions(-) |
|
| 9 |
+ |
|
| 10 |
+diff --git a/transport/posix/socket.c b/transport/posix/socket.c |
|
| 11 |
+index f50356d..364ce0e 100644 |
|
| 12 |
+--- a/transport/posix/socket.c |
|
| 13 |
+@@ -1160,8 +1160,6 @@ VmSockPosixCloseSocket( |
|
| 14 |
+ } |
|
| 15 |
+ BAIL_ON_VMREST_ERROR(dwError); |
|
| 16 |
+ |
|
| 17 |
+- VMREST_LOG_INFO(pRESTHandle,"C-REST-ENGINE: Closing socket with fd %d, Socket Type %u ( 2-Io / 5-Timer )", pSocket->fd, pSocket->type); |
|
| 18 |
+- |
|
| 19 |
+ pTimerSocket = pSocket->pTimerSocket; |
|
| 20 |
+ |
|
| 21 |
+ /**** Close the timer socket ****/ |
|
| 22 |
+@@ -1196,15 +1194,20 @@ VmSockPosixCloseSocket( |
|
| 23 |
+ /**** Delete from queue if this is NOT timeout ****/ |
|
| 24 |
+ if ((pSocket->type == VM_SOCK_TYPE_SERVER) && (!(pSocket->bTimerExpired))) |
|
| 25 |
+ {
|
|
| 26 |
+- dwError = VmSockPosixDeleteEventFromQueue( |
|
| 27 |
+- pRESTHandle, |
|
| 28 |
+- pRESTHandle->pSockContext->pEventQueue, |
|
| 29 |
+- pSocket |
|
| 30 |
+- ); |
|
| 31 |
+- BAIL_ON_VMREST_ERROR(dwError); |
|
| 32 |
++ dwError = VmSockPosixDeleteEventFromQueue( |
|
| 33 |
++ pRESTHandle, |
|
| 34 |
++ pRESTHandle->pSockContext->pEventQueue, |
|
| 35 |
++ pSocket |
|
| 36 |
++ ); |
|
| 37 |
++ if (dwError == VM_SOCK_POSIX_ERROR_SYS_CALL_FAILED) |
|
| 38 |
++ {
|
|
| 39 |
++ VMREST_LOG_WARNING(pRESTHandle,"Delete of IO socket fd %d from event queue failed, still progressing with conn close", pSocket->fd); |
|
| 40 |
++ dwError = REST_ENGINE_SUCCESS; |
|
| 41 |
++ } |
|
| 42 |
++ BAIL_ON_VMREST_ERROR(dwError); |
|
| 43 |
+ } |
|
| 44 |
+ |
|
| 45 |
+- /**** Close IO socket fd ****/ |
|
| 46 |
++ /**** Cleanup the SSL object associated with connection ****/ |
|
| 47 |
+ if (pRESTHandle->pSSLInfo->isSecure && pSocket->ssl && (pSocket->type != VM_SOCK_TYPE_TIMER)) |
|
| 48 |
+ {
|
|
| 49 |
+ if (pSocket->bSSLHandShakeCompleted) |
|
| 50 |
+@@ -1220,29 +1223,31 @@ VmSockPosixCloseSocket( |
|
| 51 |
+ pSocket->ssl = NULL; |
|
| 52 |
+ } |
|
| 53 |
+ |
|
| 54 |
+- if (pSocket->fd >= 0) |
|
| 55 |
++cleanup: |
|
| 56 |
++ |
|
| 57 |
++ /**** Close IO socket fd ****/ |
|
| 58 |
++ if (pSocket && pSocket->fd >= 0) |
|
| 59 |
+ {
|
|
| 60 |
++ VMREST_LOG_INFO(pRESTHandle,"C-REST-ENGINE: Closing socket with fd %d, Socket Type %u ( 2-Io / 5-Timer )", pSocket->fd, pSocket->type); |
|
| 61 |
+ close(pSocket->fd); |
|
| 62 |
+ pSocket->fd = -1; |
|
| 63 |
+ } |
|
| 64 |
+ |
|
| 65 |
+- VmRESTUnlockMutex(pSocket->pMutex); |
|
| 66 |
+- bLockedIO = FALSE; |
|
| 67 |
+- |
|
| 68 |
+-cleanup: |
|
| 69 |
++ if (bLockedIO) |
|
| 70 |
++ {
|
|
| 71 |
++ VmRESTUnlockMutex(pSocket->pMutex); |
|
| 72 |
++ bLockedIO = FALSE; |
|
| 73 |
++ } |
|
| 74 |
+ |
|
| 75 |
+ return dwError; |
|
| 76 |
+ |
|
| 77 |
+ error: |
|
| 78 |
++ VMREST_LOG_ERROR(pRESTHandle,"Error while closing socket..dwError = %u", dwError); |
|
| 79 |
+ |
|
| 80 |
+ if (bLockedTimer) |
|
| 81 |
+ {
|
|
| 82 |
+ VmRESTUnlockMutex(pTimerSocket->pMutex); |
|
| 83 |
+- } |
|
| 84 |
+- |
|
| 85 |
+- if (bLockedIO) |
|
| 86 |
+- {
|
|
| 87 |
+- VmRESTUnlockMutex(pSocket->pMutex); |
|
| 88 |
++ bLockedTimer = FALSE; |
|
| 89 |
+ } |
|
| 90 |
+ |
|
| 91 |
+ goto cleanup; |