Re: [pve-devel] [PATCH pve-http-server 1/1] close TLS gracefully to avoid unexpected EOF at client

From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH pve-http-server 1/1] close TLS gracefully to avoid unexpected EOF at client
Date: Thu, 27 Feb 2025 10:35:47 +0100 (CET)	[thread overview]
Message-ID: <2000809141.1573.1740648947275@webmail.proxmox.com> (raw)
In-Reply-To: <mailman.598.1740610963.293.pve-devel@lists.proxmox.com>

> Rob Rozestraten via pve-devel <pve-devel@lists.proxmox.com> hat am 26.02.2025 23:51 CET geschrieben:

Hi (and thanks for your patch)!

A little bit of analysis of *why* this is needed and okay would be great to have here in the commit message ;)

If I read the docs right, this could block (would that be an issue here?) and could potentially destroy the handle (so that might need to be rechecked afterwards to prevent spurious warnings?)

what happens if we initiate the teardown, and the client never acks it?

> Signed-off-by: Rob Rozestraten <admin@truthsolo.net>
> ---
>  src/PVE/APIServer/AnyEvent.pm | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/src/PVE/APIServer/AnyEvent.pm b/src/PVE/APIServer/AnyEvent.pm
> index 8a52836..771b153 100644
> --- a/src/PVE/APIServer/AnyEvent.pm
> +++ b/src/PVE/APIServer/AnyEvent.pm
> @@ -141,6 +141,7 @@ sub client_do_disconnect {
>      my $shutdown_hdl = sub {
>  	my $hdl = shift;
>  
> +	$hdl->stoptls() if $hdl->{tls};

nit: the if is not needed, as `stoptls` only does anything anyway if $hdl has a FH and is a TLS-enabled handle ;)

>  	shutdown($hdl->{fh}, 1);
>  	# clear all handlers
>  	$hdl->on_drain(undef);
> -- 
> 2.48.1

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel