|
 |
ecf709 |
From d6c7d35fdb4d416360a855a37b8c2164f053b470 Mon Sep 17 00:00:00 2001
|
|
|
ecf709 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
ecf709 |
Date: Tue, 11 Jul 2017 18:26:01 +0200
|
|
|
ecf709 |
Subject: [PATCH 187/190] RESPONDERS: Fix terminating idle connections
|
|
|
ecf709 |
MIME-Version: 1.0
|
|
|
ecf709 |
Content-Type: text/plain; charset=UTF-8
|
|
|
ecf709 |
Content-Transfer-Encoding: 8bit
|
|
|
ecf709 |
|
|
|
ecf709 |
The client_idle_handler() function tried to schedule another tevent
|
|
|
ecf709 |
timer to check for idle client connections in case the current
|
|
|
ecf709 |
connection was still valid, but in doing so, it also stored the current
|
|
|
ecf709 |
time into the last_request_time field of the client context.
|
|
|
ecf709 |
|
|
|
ecf709 |
This kept the connection always alive, because the last_request_time
|
|
|
ecf709 |
could then never be older than the timeout.
|
|
|
ecf709 |
|
|
|
ecf709 |
This patch changes the setup_client_idle_timer() function to only do
|
|
|
ecf709 |
what the synopsis says and set the idle timer. The caller (usually the
|
|
|
ecf709 |
function that accepts the connection) is supposed to store the request
|
|
|
ecf709 |
time itself.
|
|
|
ecf709 |
|
|
|
ecf709 |
Resolves:
|
|
|
ecf709 |
https://pagure.io/SSSD/sssd/issue/3448
|
|
|
ecf709 |
|
|
|
ecf709 |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
|
|
ecf709 |
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
|
|
|
ecf709 |
---
|
|
|
ecf709 |
src/responder/common/responder_common.c | 16 +++++++++++-----
|
|
|
ecf709 |
1 file changed, 11 insertions(+), 5 deletions(-)
|
|
|
ecf709 |
|
|
|
ecf709 |
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
|
|
|
ecf709 |
index 9d4889be652c6d6fb974b59001a9ac77b496e9ab..9d706f9799ef1b31122d8380fbf9c53ba0cc9e68 100644
|
|
|
ecf709 |
--- a/src/responder/common/responder_common.c
|
|
|
ecf709 |
+++ b/src/responder/common/responder_common.c
|
|
|
ecf709 |
@@ -607,7 +607,15 @@ static void accept_fd_handler(struct tevent_context *ev,
|
|
|
ecf709 |
cctx->ev = ev;
|
|
|
ecf709 |
cctx->rctx = rctx;
|
|
|
ecf709 |
|
|
|
ecf709 |
- /* Set up the idle timer */
|
|
|
ecf709 |
+ /* Record the new time and set up the idle timer */
|
|
|
ecf709 |
+ ret = reset_client_idle_timer(cctx);
|
|
|
ecf709 |
+ if (ret != EOK) {
|
|
|
ecf709 |
+ DEBUG(SSSDBG_MINOR_FAILURE,
|
|
|
ecf709 |
+ "Could not create idle timer for client. "
|
|
|
ecf709 |
+ "This connection may not auto-terminate\n");
|
|
|
ecf709 |
+ /* Non-fatal, continue */
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
ret = setup_client_idle_timer(cctx);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
ecf709 |
@@ -634,7 +642,7 @@ static void client_idle_handler(struct tevent_context *ev,
|
|
|
ecf709 |
if (cctx->last_request_time > now) {
|
|
|
ecf709 |
DEBUG(SSSDBG_IMPORTANT_INFO,
|
|
|
ecf709 |
"Time shift detected, re-scheduling the client timeout\n");
|
|
|
ecf709 |
- goto end;
|
|
|
ecf709 |
+ goto done;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
if ((now - cctx->last_request_time) > cctx->rctx->client_idle_timeout) {
|
|
|
ecf709 |
@@ -648,7 +656,7 @@ static void client_idle_handler(struct tevent_context *ev,
|
|
|
ecf709 |
return;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
-end:
|
|
|
ecf709 |
+done:
|
|
|
ecf709 |
setup_client_idle_timer(cctx);
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -661,11 +669,9 @@ errno_t reset_client_idle_timer(struct cli_ctx *cctx)
|
|
|
ecf709 |
|
|
|
ecf709 |
static errno_t setup_client_idle_timer(struct cli_ctx *cctx)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
- time_t now = time(NULL);
|
|
|
ecf709 |
struct timeval tv =
|
|
|
ecf709 |
tevent_timeval_current_ofs(cctx->rctx->client_idle_timeout/2, 0);
|
|
|
ecf709 |
|
|
|
ecf709 |
- cctx->last_request_time = now;
|
|
|
ecf709 |
talloc_zfree(cctx->idle);
|
|
|
ecf709 |
|
|
|
ecf709 |
cctx->idle = tevent_add_timer(cctx->ev, cctx, tv, client_idle_handler, cctx);
|
|
|
ecf709 |
--
|
|
|
ecf709 |
2.9.4
|
|
|
ecf709 |
|