mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-14 07:24:32 +00:00
BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled
Commit 2b199c9a
attempted to fix all places where the transport layer
is improperly closed, but it missed one place in session_free(). If
SSL ciphers are logged, the close() is delayed post-log and performed
in session_free(). However, conn_xprt_close() only closes the transport
layer but not the file descriptor, resulting in a slow FD leak which is
hardly noticeable until the process cannot accept any new connection.
A workaround consisted in disabling %sslv/%sslc in log-format.
So use conn_full_close() instead of conn_xprt_close() to fix this there
too.
A similar pending issue existed in the close during outgoing connection
failure, though on this side, the transport layer is never tracked at the
moment.
This commit is contained in:
parent
26d7cfce32
commit
0ede5a3318
@ -642,7 +642,7 @@ static void session_free(struct session *s)
|
||||
|
||||
/* ensure the client-side transport layer is destroyed */
|
||||
s->si[0].conn->flags &= ~CO_FL_XPRT_TRACKED;
|
||||
conn_xprt_close(s->si[0].conn);
|
||||
conn_full_close(s->si[0].conn);
|
||||
|
||||
for (i = 0; i < s->store_count; i++) {
|
||||
if (!s->store[i].ts)
|
||||
@ -834,9 +834,10 @@ static int sess_update_st_con_tcp(struct session *s, struct stream_interface *si
|
||||
}
|
||||
si->exp = TICK_ETERNITY;
|
||||
si->state = SI_ST_CER;
|
||||
fd_delete(si->conn->t.sock.fd);
|
||||
|
||||
conn_xprt_close(si->conn);
|
||||
si->conn->flags &= ~CO_FL_XPRT_TRACKED;
|
||||
conn_full_close(si->conn);
|
||||
|
||||
if (si->release)
|
||||
si->release(si);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user