On 2018/04/04 18:42, trondd wrote:
> On Wed, April 4, 2018 10:02 am, trondd wrote:
> > Bringing this back up from the depths.  I kept rolling back to older
> httpd
> > code and forgetting about this :(
> > I still see this issue in 6.3  A new packet cap look the same.
> 
> Ok, I was able to do some more digging into this.  httpd does not close
> the socket after the range request completes.
> 
> fstat will show the socket remaining open.  A linux client will show the
> socket in FIN_WAIT2 with netstat.

One of the mirror admins has been having trouble with a leak connected
with range requests in httpd for ages. He mostly doesn't suffer too much
now that he's using letsencrypt for which he's doing a full restart of
httpd to load new certs...

TBH I'd probably just disable range processing like done in
https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/017_httpd.patch.sig
for now, neither memory exhaustion nor FD leak are particularly appealing.

Reply via email to