One more attempt: stuck processes

Sat Nov 17 11:21:38 EST 2007

Sebastian Hagedorn wrote:
> -- Ken Murchison <murch at andrew.cmu.edu> is rumored to have mumbled on 
> 16. November 2007 15:54:50 -0500 regarding Re: One more attempt: stuck 
> processes:
> 
>> That's exactly what Gary is seeing.
> 
> Right. Apparently stripped binaries aren't any good for straces.
> 
>> Its blocking in SSL_accept().
>> Apparently the client connects to port 995, and then either sends
>> nothing, or goes away and leaves the socket open.

Here's a patch that seems to fix the problem.  I did some basic testing 
(Linux only) to make sure that it doesn't break anything else, but its 
always possible that it has some unforseen side effects.  Keep an eye on 
it and let me know if you see anything unusual.

--- prot.c.~1.93.~	2007-11-17 10:02:49.000000000 -0500
+++ prot.c	2007-11-17 11:21:05.000000000 -0500
@@ -58,6 +58,7 @@
  #ifdef HAVE_UNISTD_H
  #include <unistd.h>
  #endif
+#include <sys/time.h>
  #include <sys/types.h>
  #include <sys/stat.h>
  #include <netinet/in.h>
@@ -214,10 +215,20 @@
   */
  int prot_settimeout(struct protstream *s, int timeout)
  {
+    struct timeval tv;
+
      assert(!s->write);

      s->read_timeout = timeout;
      s->timeout_mark = time(NULL) + timeout;
+
+    /* Set a read timeout on the socket itself.  This primarily prevents
+     * OpenSSL calls such as SSL_accept() from blocking indefinitely.
+     */
+    tv.tv_sec = timeout;
+    tv.tv_usec = 0;
+    setsockopt(0, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
+
      return 0;
  }



-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
