>Number: 6624
>Category: system
>Synopsis: relayd - hce does not close TCP sockets on failure
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Jun 04 07:00:02 GMT 2011
>Closed-Date:
>Last-Modified:
>Originator:
>Release:
>Organization:
>Environment:
System : OpenBSD 4.9 CVS
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
Since check_tcp.c rev. 1.41 hce does not close TCP sockets on failure
>How-To-Repeat:
lsof shows increasing number of stale sockets for the hce process
if hosts are down
/etc/relayd.conf:
interval 5
timeout 4999
ext_addr="127.0.0.1"
webhost1="127.0.01"
table <test> { $webhost1 }
redirect "test" {
listen on $ext_addr port 80
forward to <test> port 8000 check tcp
}
>Fix:
In check_tcp.c: check_tcp() assign socket to cte->s right after it
was created so that it gets properly closed with the new tcp_close()
function on failure (goto bad).
--- src/usr.sbin/relayd/check_tcp.c.orig Sat Jun 4 08:59:06 2011
+++ src/usr.sbin/relayd/check_tcp.c Sat Jun 4 09:07:17 2011
@@ -77,6 +77,8 @@
goto bad;
}
+ cte->s = s;
+
bzero(&lng, sizeof(lng));
if (setsockopt(s, SOL_SOCKET, SO_LINGER, &lng, sizeof(lng)) == -1)
goto bad;
@@ -100,7 +102,6 @@
cte->buf = NULL;
cte->host->up = HOST_UP;
- cte->s = s;
event_del(&cte->ev);
event_set(&cte->ev, s, EV_TIMEOUT|EV_WRITE, tcp_write, cte);
event_add(&cte->ev, &tv);
>Release-Note:
>Audit-Trail:
>Unformatted:
