From 31f9b61a318f4daf8a6208ed4f6bc60aa355faa9 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Fri, 30 Oct 2020 02:13:58 +0000 Subject: [PATCH] tls: epollbit: account for miscellaneous OpenSSL errors Apparently they happen (triggered by my -imapd instance), so bail out by closing the underlying socket rather than stopping the event loop and daemon process. (cherry picked from commit c51c22c349529d9c377160abcc7961a6ca7b7d5c) --- lib/PublicInbox/DS.pm | 15 ++++++++++----- lib/PublicInbox/HTTP.pm | 2 +- lib/PublicInbox/IMAP.pm | 2 +- lib/PublicInbox/NNTP.pm | 2 +- lib/PublicInbox/TLS.pm | 4 +++- 5 files changed, 16 insertions(+), 9 deletions(-) diff --git a/lib/PublicInbox/DS.pm b/lib/PublicInbox/DS.pm index d0caa5e7..a02b3bb7 100644 --- a/lib/PublicInbox/DS.pm +++ b/lib/PublicInbox/DS.pm @@ -433,7 +433,8 @@ next_buf: goto next_buf; } } elsif ($! == EAGAIN) { - epwait($sock, epbit($sock, EPOLLOUT) | EPOLLONESHOT); + my $ev = epbit($sock, EPOLLOUT) or return $self->close; + epwait($sock, $ev | EPOLLONESHOT); return 0; } else { return $self->close; @@ -469,7 +470,8 @@ sub do_read ($$$;$) { # common for clients to break connections without warning, # would be too noisy to log here: if ($! == EAGAIN) { - epwait($sock, epbit($sock, EPOLLIN) | EPOLLONESHOT); + my $ev = epbit($sock, EPOLLIN) or return $self->close; + epwait($sock, $ev | EPOLLONESHOT); rbuf_idle($self, $rbuf); 0; } else { @@ -543,7 +545,8 @@ sub write { return 1 if $written == $to_write; requeue($self); # runs: event_step -> flush_write } elsif ($! == EAGAIN) { - epwait($sock, epbit($sock, EPOLLOUT) | EPOLLONESHOT); + my $ev = epbit($sock, EPOLLOUT) or return $self->close; + epwait($sock, $ev | EPOLLONESHOT); $written = 0; } else { return $self->close; @@ -596,7 +599,8 @@ sub accept_tls_step ($) { my $sock = $self->{sock} or return; return 1 if $sock->accept_SSL; return $self->close if $! != EAGAIN; - epwait($sock, PublicInbox::TLS::epollbit() | EPOLLONESHOT); + my $ev = PublicInbox::TLS::epollbit() or return $self->close; + epwait($sock, $ev | EPOLLONESHOT); unshift(@{$self->{wbuf}}, \&accept_tls_step); # autovivifies 0; } @@ -607,7 +611,8 @@ sub shutdn_tls_step ($) { my $sock = $self->{sock} or return; return $self->close if $sock->stop_SSL(SSL_fast_shutdown => 1); return $self->close if $! != EAGAIN; - epwait($sock, PublicInbox::TLS::epollbit() | EPOLLONESHOT); + my $ev = PublicInbox::TLS::epollbit() or return $self->close; + epwait($sock, $ev | EPOLLONESHOT); unshift(@{$self->{wbuf}}, \&shutdn_tls_step); # autovivifies 0; } diff --git a/lib/PublicInbox/HTTP.pm b/lib/PublicInbox/HTTP.pm index 5844ef44..88020ae8 100644 --- a/lib/PublicInbox/HTTP.pm +++ b/lib/PublicInbox/HTTP.pm @@ -70,7 +70,7 @@ sub new ($$$) { my $wbuf; if ($sock->can('accept_SSL') && !$sock->accept_SSL) { return CORE::close($sock) if $! != EAGAIN; - $ev = PublicInbox::TLS::epollbit(); + $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock); $wbuf = [ \&PublicInbox::DS::accept_tls_step ]; } $self->{wbuf} = $wbuf if $wbuf; diff --git a/lib/PublicInbox/IMAP.pm b/lib/PublicInbox/IMAP.pm index d93792ac..c9a024d6 100644 --- a/lib/PublicInbox/IMAP.pm +++ b/lib/PublicInbox/IMAP.pm @@ -115,7 +115,7 @@ sub new ($$$) { my $wbuf; if ($sock->can('accept_SSL') && !$sock->accept_SSL) { return CORE::close($sock) if $! != EAGAIN; - $ev = PublicInbox::TLS::epollbit(); + $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock); $wbuf = [ \&PublicInbox::DS::accept_tls_step, \&greet ]; } $self->SUPER::new($sock, $ev | EPOLLONESHOT); diff --git a/lib/PublicInbox/NNTP.pm b/lib/PublicInbox/NNTP.pm index 88fe2bb0..102ef42c 100644 --- a/lib/PublicInbox/NNTP.pm +++ b/lib/PublicInbox/NNTP.pm @@ -53,7 +53,7 @@ sub new ($$$) { my $wbuf; if ($sock->can('accept_SSL') && !$sock->accept_SSL) { return CORE::close($sock) if $! != EAGAIN; - $ev = PublicInbox::TLS::epollbit(); + $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock); $wbuf = [ \&PublicInbox::DS::accept_tls_step, \&greet ]; } $self->SUPER::new($sock, $ev | EPOLLONESHOT); diff --git a/lib/PublicInbox/TLS.pm b/lib/PublicInbox/TLS.pm index 0f838e25..86e6331d 100644 --- a/lib/PublicInbox/TLS.pm +++ b/lib/PublicInbox/TLS.pm @@ -6,6 +6,7 @@ package PublicInbox::TLS; use strict; use IO::Socket::SSL; use PublicInbox::Syscall qw(EPOLLIN EPOLLOUT); +use Carp qw(carp); sub err () { $SSL_ERROR } @@ -13,7 +14,8 @@ sub err () { $SSL_ERROR } sub epollbit () { return EPOLLIN if $SSL_ERROR == SSL_WANT_READ; return EPOLLOUT if $SSL_ERROR == SSL_WANT_WRITE; - die "unexpected SSL error: $SSL_ERROR"; + carp "unexpected SSL error: $SSL_ERROR"; + undef; } 1; -- 2.44.0