From: Yann Ylavic Date: Thu, 8 Oct 2015 14:48:31 +0000 (+0000) Subject: r1678763 | ylavic | 2015-05-11 16:53:34 +0200 (Mon, 11 May 2015) | 7 lines X-Git-Tag: 2.4.17~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fc066fe8e437f689d06d6adeebf2e9cec318a5b2;p=thirdparty%2Fapache%2Fhttpd.git r1678763 | ylavic | 2015-05-11 16:53:34 +0200 (Mon, 11 May 2015) | 7 lines mod_proxy: only cleanup the socket for a connection asked to be closed but whose address can still be reused. This saves unnecessary socket pool destroy and creation at cleanup and reuse time, plus the same initialization of conn->pool's associated data which can be reused in that case. r1703807 | ylavic | 2015-09-18 12:58:58 +0200 (Fri, 18 Sep 2015) | 5 lines mod_proxy: don't recyle backend announced "Connection: close" connections. Failing to do this may lead to a race condition where we send a new request before the backend really closes the connection (or lost SSL-Alert/FIN make us think the connection is still alive, until the retransmission). r1703813 | ylavic | 2015-09-18 13:48:31 +0200 (Fri, 18 Sep 2015) | 1 line mod_proxy: follow up to r1703807: CHANGES entry. Submitted by: ylavic Committed by: ylavic Reviewed by: ylavic, rjung, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1707556 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 40e8325ab3e..8d1e3fda27b 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.4.17 + *) mod_proxy: don't recyle backend announced "Connection: close" connections + to avoid reusing it should the close be effective after some new request + is ready to be sent. [Yann Ylavic] + *) mod_substitute: Allow to configure the patterns merge order with the new SubstituteInheritBefore on|off directive. PR 57641 [Marc.Stern , Yann Ylavic, William Rowe] diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c index dbe8a293584..92e1f3eb9dd 100644 --- a/modules/proxy/proxy_util.c +++ b/modules/proxy/proxy_util.c @@ -1320,6 +1320,14 @@ PROXY_DECLARE(apr_status_t) ap_proxy_initialize_balancer(proxy_balancer *balance * CONNECTION related... */ +static void socket_cleanup(proxy_conn_rec *conn) +{ + conn->sock = NULL; + conn->connection = NULL; + conn->ssl_hostname = NULL; + apr_pool_clear(conn->scpool); +} + static apr_status_t conn_pool_cleanup(void *theworker) { proxy_worker *worker = (proxy_worker *)theworker; @@ -1386,7 +1394,7 @@ static apr_status_t connection_cleanup(void *theconn) } /* determine if the connection need to be closed */ - if (!ap_proxy_connection_reusable(conn)) { + if (!worker->s->is_address_reusable || worker->s->disablereuse) { apr_pool_t *p = conn->pool; apr_pool_clear(p); conn = apr_pcalloc(p, sizeof(proxy_conn_rec)); @@ -1395,6 +1403,12 @@ static apr_status_t connection_cleanup(void *theconn) apr_pool_create(&(conn->scpool), p); apr_pool_tag(conn->scpool, "proxy_conn_scpool"); } + else if (conn->close + || (conn->connection + && conn->connection->keepalive == AP_CONN_CLOSE)) { + socket_cleanup(conn); + conn->close = 0; + } if (worker->s->hmax && worker->cp->res) { conn->inreslist = 1; @@ -1409,14 +1423,6 @@ static apr_status_t connection_cleanup(void *theconn) return APR_SUCCESS; } -static void socket_cleanup(proxy_conn_rec *conn) -{ - conn->sock = NULL; - conn->connection = NULL; - conn->ssl_hostname = NULL; - apr_pool_clear(conn->scpool); -} - PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn, request_rec *r) { @@ -2759,9 +2765,9 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function, proxy_function, backend_addr->family, worker->s->hostname); if (conf->source_address_set) { - local_addr = apr_pmemdup(conn->pool, conf->source_address, + local_addr = apr_pmemdup(conn->scpool, conf->source_address, sizeof(apr_sockaddr_t)); - local_addr->pool = conn->pool; + local_addr->pool = conn->scpool; rv = apr_socket_bind(newsock, local_addr); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00956)