On Thu Oct 8 03:51 AM, Rainer Gerhards wrote:
> > -----Original Message-----
> > > The close may get through. It is a (kind of) race condition, inside the tcp
> > > stack. Assume the following happens (System S being the server, system C
> > > being the client):
> 
> Ah, I didn't pay attention to the netstat. You are right, in *this* 
> case the close looks like it does not go through. HOWEVER, for the 
> argument I have given, this race exists in general. The window is 
> extremely short (at least on a local LAN), but I have learned if there 
> is a potential for a race, it will happen sooner or later. Chances go 
> up very soon as quickly as you have millions and millions of cases...
> Just yesterday I was able to find a race with a much lower probability 
> in v5-beta during shutdown... And it really happened (thankfully only 
> in my lab, where I set parameters to make such races more probable).
> 

I decided to look at the code and I must say, wow, documented open source
code!
I haven't written C in a while but easily found my way, so big congrats on
keeping the code so clean.

After some googling, I found that whenever TCP is in status CLOSE_WAIT, the
host is expected to close the socket sometime soon. It might not want to
close it right away for example to keep-alive the connection...

So I searched for all close() calls on the socket.

I found sockClose() then static void CheckConnection(nsd_t *pNsd)  --
runtime/nsd_ptcp.c
http://blog.gerhards.net/2008/06/getting-bit-more-reliability-from-plain.html

With debug mode I found:

5543.432507331:action 10 queue:Reg/w0:  server:10514/tcp
5543.432507331:action 10 queue:Reg/w0: TCP sent 36 bytes, requested 36

It turns out I was pointing to the SSL config which had:
$DefaultNetstreamDriver gtls

For this, I found: void CheckConnection(nsd_t *pNsd)  -- runtime/nsd_gtls.c

/* This function checks if the connection is still alive - well, kind of...
 * This is a dummy here. For details, check function common in ptcp driver.
 * rgerhards, 2008-06-09
 */
static void
CheckConnection(nsd_t *pNsd)
{
        nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd;
        ISOBJ_TYPE_assert(pThis, nsd_gtls);

        dbgprintf("CheckConnection SSL - do something\n");
        /* delegate to the plain TCP driver's check on the underlying socket */
        nsd_ptcp.CheckConnection(pThis->pTcp);
}


5649.998580185:action 10 queue:Reg/w0:  server:10514/tcp
5649.998580185:action 10 queue:Reg/w0: CheckConnection SSL - do something
5649.998580185:action 10 queue:Reg/w0: CheckConnection detected broken connection - closing it

Wonderful! It works as I would expect.

But, is there any reason why the socket check wasn't added for SSL? I'm
currently testing this 'patch' with a couple of 'live' servers and randomly
stopping the central logging server. 



_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
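
Added example (not part of the original message and not rsyslog's code): one common way to check a socket for a peer close before sending, as discussed above for the CLOSE_WAIT case, is a non-blocking peek on the descriptor. The names peer_has_closed() and demo_state() are hypothetical, and a UNIX stream socketpair stands in for the TCP connection so the demo runs offline.

```c
/* Added example, not rsyslog source. peer_has_closed() and demo_state()
 * are hypothetical names; the socketpair is a constructed test fixture. */
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 = peer sent FIN (our side sits in CLOSE_WAIT), 0 = looks usable,
 * -1 = socket error. MSG_PEEK leaves queued bytes (for TLS: raw records)
 * in place, so a TLS layer reading the same fd is not disturbed. */
int peer_has_closed(int fd)
{
    char c;
    ssize_t n;

    do {
        n = recv(fd, &c, 1, MSG_PEEK | MSG_DONTWAIT);
    } while (n < 0 && errno == EINTR);

    if (n == 0)
        return 1;               /* orderly shutdown by the peer */
    if (n > 0 || errno == EAGAIN || errno == EWOULDBLOCK)
        return 0;               /* unread data, or simply idle */
    return -1;                  /* ECONNRESET, EBADF, ...: broken */
}

/* Build a connected stream pair, optionally queue one byte from the
 * peer, optionally close the peer, then run the check on our end. */
int demo_state(int send_byte, int close_peer)
{
    int sv[2], rc;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -2;
    if (send_byte && write(sv[1], "x", 1) != 1) {
        close(sv[0]); close(sv[1]);
        return -2;
    }
    if (close_peer) close(sv[1]);
    rc = peer_has_closed(sv[0]);
    if (!close_peer) close(sv[1]);
    close(sv[0]);
    return rc;
}

int main(void)
{
    printf("idle=%d closed=%d closed_with_unread=%d\n",
           demo_state(0, 0), demo_state(0, 1), demo_state(1, 1));
    return 0;
}
```

The third case shows the limit of this kind of check: bytes the peer sent before closing and that have not been read yet make the peek return data, so the close goes unnoticed until they are consumed.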
