One more attempt: stuck processes
Ken Murchison
murch at andrew.cmu.edu
Fri Nov 16 11:27:52 EST 2007
Sebastian Hagedorn wrote:
> The only reason I could imagine for the sequence of calls was signal
> handling. But let's be methodical. There's only one spot where
> SSL_accept() is called: in tls_start_servertls(). In pop3d.c that's only
> called in cmd_starttls(). That in turn is called either in cmdloop (for
> handling of STLS) or in service_main() for connections to port 995.
Actually, now that I think about it, I believe SSL_accept() can be
called from SSL_read() at any time if a renegotiation is required.
Since shut_down() calls prot_fill(), which in turn can call SSL_read(),
its possible that we can get an SSL_accept() call. Before I start
hacking code, can you apply the following patch (sorry about the line
breaks) and see if I'm heading in the right direction? Let me know if
you get any of the WARNING messages in your logs.
--- prot.c.~1.93.~ 2007-11-16 11:21:56.000000000 -0500
+++ prot.c 2007-11-16 11:23:32.000000000 -0500
@@ -468,6 +468,7 @@
/* just do a SSL read instead if we're under a tls layer */
if (s->tls_conn != NULL) {
n = SSL_read(s->tls_conn, (char *) s->buf, PROT_BUFSIZE);
+ if (n <= 0) syslog(LOG_WARNING, "SSL_read() returned %d", n);
} else {
n = read(s->fd, s->buf, PROT_BUFSIZE);
}
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
More information about the Info-cyrus
mailing list