From: Eduard Bagdasaryan Date: Sun, 24 Nov 2024 20:19:03 +0000 (+0000) Subject: Do not TLS close_notify when resetting a TCP connection (#1944) X-Git-Tag: SQUID_7_0_1~28 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6bd74111a80de08270dc5886e6ad6bcd7d5e08b4;p=thirdparty%2Fsquid.git Do not TLS close_notify when resetting a TCP connection (#1944) --- diff --git a/src/comm.cc b/src/comm.cc index c496b8aaa3..24fe6ce462 100644 --- a/src/comm.cc +++ b/src/comm.cc @@ -783,6 +783,8 @@ commConfigureLinger(const int fd, const OnOff enabled) l.l_onoff = (enabled == OnOff::on ? 1 : 0); l.l_linger = 0; // how long to linger for, in seconds + fd_table[fd].flags.harshClosureRequested = (l.l_onoff && !l.l_linger); // close(2) sends TCP RST if true + if (setsockopt(fd, SOL_SOCKET, SO_LINGER, reinterpret_cast(&l), sizeof(l)) < 0) { const auto xerrno = errno; debugs(50, DBG_CRITICAL, "ERROR: Failed to set closure behavior (SO_LINGER) for FD " << fd << ": " << xstrerr(xerrno)); @@ -877,7 +879,7 @@ _comm_close(int fd, char const *file, int line) // For simplicity sake, we remain in the caller's context while still // allowing individual advanced callbacks to overwrite it. - if (F->ssl) { + if (F->ssl && !F->flags.harshClosureRequested) { const auto startCall = asyncCall(5, 4, "commStartTlsClose", callDialer(commStartTlsClose, fd)); ScheduleCallHere(startCall); diff --git a/src/fde.h b/src/fde.h index 930edc08ed..f58182eabe 100644 --- a/src/fde.h +++ b/src/fde.h @@ -127,6 +127,8 @@ public: bool read_pending = false; //bool write_pending; //XXX seems not to be used bool transparent = false; + /// whether comm_reset_close() (or old_comm_reset_close()) has been called + bool harshClosureRequested = false; } flags; int64_t bytes_read = 0;
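Review bot: In commConfigureLinger() the new `harshClosureRequested` assignment runs before setsockopt(), and the failure branch visible in this hunk only logs, so the flag stays true even when SO_LINGER was not applied. In that case close(2) would presumably end the connection with a normal FIN while _comm_close() still skips close_notify, so the trailing comment `// close(2) sends TCP RST if true` overstates what the flag guarantees. If that is intended (the name says "requested"), state it: `// set regardless of setsockopt() outcome: the caller asked for an abortive close, so no TLS close_notify either way`. Also, `l.l_linger` is assigned 0 on the line above, so `!l.l_linger` is always true and the expression reduces to `enabled == OnOff::on`. The function starts and ends outside the hunk.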
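Review bot: The new condition `F->ssl && !F->flags.harshClosureRequested` in _comm_close() has no comment saying why the TLS shutdown is skipped, so a reader at this call site has to find the commit to learn the reason. A short why-comment above the `if` would help, e.g. `// an abortive close signals an error; close_notify would tell the peer that the TLS stream ended cleanly`. That rationale is inferred from the commit title, so adjust the wording if the motive differs. _comm_close() starts and ends outside the hunk.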
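Review bot: The doc comment on `harshClosureRequested` names callers, but the only assignment visible in this commit is in commConfigureLinger(), which sets the flag from the SO_LINGER settings and clears it again when called with OnOff::off. Describing the state rather than the call history would stay accurate if other callers appear: `/// whether zero-timeout SO_LINGER was last requested for this FD; _comm_close() then skips TLS close_notify`. The enclosing flags struct starts outside the hunk.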