From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH] tls: epollbit: account for miscellaneous OpenSSL errors
Date: Fri, 30 Oct 2020 02:13:58 +0000 [thread overview]
Message-ID: <20201030021358.25539-1-e@80x24.org> (raw)
Apparently they happen (triggered by my -imapd instance), so
bail out by closing the underlying socket rather than stopping
the event loop and daemon process.
---
lib/PublicInbox/DS.pm | 15 ++++++++++-----
lib/PublicInbox/HTTP.pm | 2 +-
lib/PublicInbox/IMAP.pm | 2 +-
lib/PublicInbox/NNTP.pm | 2 +-
lib/PublicInbox/TLS.pm | 4 +++-
5 files changed, 16 insertions(+), 9 deletions(-)
diff --git a/lib/PublicInbox/DS.pm b/lib/PublicInbox/DS.pm
index d0caa5e7..a02b3bb7 100644
--- a/lib/PublicInbox/DS.pm
+++ b/lib/PublicInbox/DS.pm
@@ -433,7 +433,8 @@ next_buf:
goto next_buf;
}
} elsif ($! == EAGAIN) {
- epwait($sock, epbit($sock, EPOLLOUT) | EPOLLONESHOT);
+ my $ev = epbit($sock, EPOLLOUT) or return $self->close;
+ epwait($sock, $ev | EPOLLONESHOT);
return 0;
} else {
return $self->close;
@@ -469,7 +470,8 @@ sub do_read ($$$;$) {
# common for clients to break connections without warning,
# would be too noisy to log here:
if ($! == EAGAIN) {
- epwait($sock, epbit($sock, EPOLLIN) | EPOLLONESHOT);
+ my $ev = epbit($sock, EPOLLIN) or return $self->close;
+ epwait($sock, $ev | EPOLLONESHOT);
rbuf_idle($self, $rbuf);
0;
} else {
@@ -543,7 +545,8 @@ sub write {
return 1 if $written == $to_write;
requeue($self); # runs: event_step -> flush_write
} elsif ($! == EAGAIN) {
- epwait($sock, epbit($sock, EPOLLOUT) | EPOLLONESHOT);
+ my $ev = epbit($sock, EPOLLOUT) or return $self->close;
+ epwait($sock, $ev | EPOLLONESHOT);
$written = 0;
} else {
return $self->close;
@@ -596,7 +599,8 @@ sub accept_tls_step ($) {
my $sock = $self->{sock} or return;
return 1 if $sock->accept_SSL;
return $self->close if $! != EAGAIN;
- epwait($sock, PublicInbox::TLS::epollbit() | EPOLLONESHOT);
+ my $ev = PublicInbox::TLS::epollbit() or return $self->close;
+ epwait($sock, $ev | EPOLLONESHOT);
unshift(@{$self->{wbuf}}, \&accept_tls_step); # autovivifies
0;
}
@@ -607,7 +611,8 @@ sub shutdn_tls_step ($) {
my $sock = $self->{sock} or return;
return $self->close if $sock->stop_SSL(SSL_fast_shutdown => 1);
return $self->close if $! != EAGAIN;
- epwait($sock, PublicInbox::TLS::epollbit() | EPOLLONESHOT);
+ my $ev = PublicInbox::TLS::epollbit() or return $self->close;
+ epwait($sock, $ev | EPOLLONESHOT);
unshift(@{$self->{wbuf}}, \&shutdn_tls_step); # autovivifies
0;
}
diff --git a/lib/PublicInbox/HTTP.pm b/lib/PublicInbox/HTTP.pm
index 5844ef44..88020ae8 100644
--- a/lib/PublicInbox/HTTP.pm
+++ b/lib/PublicInbox/HTTP.pm
@@ -70,7 +70,7 @@ sub new ($$$) {
my $wbuf;
if ($sock->can('accept_SSL') && !$sock->accept_SSL) {
return CORE::close($sock) if $! != EAGAIN;
- $ev = PublicInbox::TLS::epollbit();
+ $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock);
$wbuf = [ \&PublicInbox::DS::accept_tls_step ];
}
$self->{wbuf} = $wbuf if $wbuf;
diff --git a/lib/PublicInbox/IMAP.pm b/lib/PublicInbox/IMAP.pm
index 37001da4..9599f494 100644
--- a/lib/PublicInbox/IMAP.pm
+++ b/lib/PublicInbox/IMAP.pm
@@ -115,7 +115,7 @@ sub new ($$$) {
my $wbuf;
if ($sock->can('accept_SSL') && !$sock->accept_SSL) {
return CORE::close($sock) if $! != EAGAIN;
- $ev = PublicInbox::TLS::epollbit();
+ $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock);
$wbuf = [ \&PublicInbox::DS::accept_tls_step, \&greet ];
}
$self->SUPER::new($sock, $ev | EPOLLONESHOT);
diff --git a/lib/PublicInbox/NNTP.pm b/lib/PublicInbox/NNTP.pm
index 88fe2bb0..102ef42c 100644
--- a/lib/PublicInbox/NNTP.pm
+++ b/lib/PublicInbox/NNTP.pm
@@ -53,7 +53,7 @@ sub new ($$$) {
my $wbuf;
if ($sock->can('accept_SSL') && !$sock->accept_SSL) {
return CORE::close($sock) if $! != EAGAIN;
- $ev = PublicInbox::TLS::epollbit();
+ $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock);
$wbuf = [ \&PublicInbox::DS::accept_tls_step, \&greet ];
}
$self->SUPER::new($sock, $ev | EPOLLONESHOT);
diff --git a/lib/PublicInbox/TLS.pm b/lib/PublicInbox/TLS.pm
index 0f838e25..86e6331d 100644
--- a/lib/PublicInbox/TLS.pm
+++ b/lib/PublicInbox/TLS.pm
@@ -6,6 +6,7 @@ package PublicInbox::TLS;
use strict;
use IO::Socket::SSL;
use PublicInbox::Syscall qw(EPOLLIN EPOLLOUT);
+use Carp qw(carp);
sub err () { $SSL_ERROR }
@@ -13,7 +14,8 @@ sub err () { $SSL_ERROR }
sub epollbit () {
return EPOLLIN if $SSL_ERROR == SSL_WANT_READ;
return EPOLLOUT if $SSL_ERROR == SSL_WANT_WRITE;
- die "unexpected SSL error: $SSL_ERROR";
+ carp "unexpected SSL error: $SSL_ERROR";
+ undef;
}
1;
reply other threads:[~2020-10-30 2:13 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://public-inbox.org/README
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201030021358.25539-1-e@80x24.org \
--to=e@80x24.org \
--cc=meta@public-inbox.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).