Hi,
I have a SSL server program that accepts SSL
connections. But after receiving around 150 connections confirmed with the
"netstat -a | grep ESTAB" command and many SYN_RECV half opened
connections, the client is terminated. This forces the sockets to close. The number of
ESTAB connections goes to zero. The SYN_RECV half opened connection
still lingers. The SSL server continue to process these SYN_RECV half opened
connections and soon even though the client is terminated, some half opened
connection went int other ESTAB state. At this point, the SSL
server can no longer accept any new connections.
This happens on all Redhat
Linux platform that I tested with kernel 2.4.20, 2.4.18, and
2.6.x. Solaris 2.8 does not have this problem.
Below is the stack trace on where the code
is blocking in.
[Switching to Thread -1210186048 (LWP 21173)]
0x0012e7a2 in
_dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) where
#0
0x0012e7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1
0x00bd33fb in __read_nocancel () from /lib/tls/libpthread.so.0
#2
0x00608d24 in BIO_sock_should_retry () from /lib/libcrypto.so.4
#3
0x00606d8c in BIO_read () from /lib/libcrypto.so.4
#4 0x007b21b0 in
ssl23_read_bytes () from /lib/libssl.so.4
#5 0x007b0d31 in
ssl23_get_client_hello () from /lib/libssl.so.4
#6 0x007b1309 in
ssl23_accept () from /lib/libssl.so.4
#7 0x007b60ab in SSL_accept ()
from /lib/libssl.so.4
#8 0xb7e093bc in
ACE_SSL_SOCK_Acceptor::ssl_accept (this=0xbffff6f0,
[EMAIL PROTECTED], timeout=0x0)
at SSL_SOCK_Acceptor.cpp:74
#9 0xb7e097d5 in
ACE_SSL_SOCK_Acceptor::accept (this=0xbffff6f0,
[EMAIL PROTECTED],
remote_addr=0x0, timeout=0x0, restart=1,
reset_new_handle=0) at SSL_SOCK_Acceptor.cpp:195
#10 0x0804aace in main
()
Does anyone has any idea on what is going
on?
Thanks in advance.
-Henry
