From: nagachika00@... Date: 2017-12-14T13:31:49+00:00 Subject: [ruby-core:84262] [Ruby trunk Bug#14005] [PATCH] webrick: do not hang acceptor on slow TLS connections Issue #14005 has been updated by nagachika (Tomoyuki Chikanaga). Backport changed from 2.3: REQUIRED, 2.4: REQUIRED to 2.3: REQUIRED, 2.4: DONE ruby_2_4 r61239 merged revision(s) 60123,60172,60189,60208,60210,60211. ---------------------------------------- Bug #14005: [PATCH] webrick: do not hang acceptor on slow TLS connections https://bugs.ruby-lang.org/issues/14005#change-68414 * Author: normalperson (Eric Wong) * Status: Closed * Priority: Normal * Assignee: * Target version: * ruby -v: * Backport: 2.3: REQUIRED, 2.4: DONE ---------------------------------------- OpenSSL::SSL::SSLSocket#accept may block indefinitely on clients which negotiate the TCP connection, but fail (or are slow) to negotiate the subsequent TLS handshake. This prevents the multi-threaded WEBrick server from accepting other connections. Since the TLS handshake (via OpenSSL::SSL::SSLSocket#accept) consists of normal read/write traffic over TCP, handle it in the per-client thread, instead. Furthermore, using non-blocking accept() is useful for non-TLS sockets anyways because spurious wakeups are possible from select(2). * lib/webrick/server.rb (accept_client): use TCPServer#accept_nonblock and remove OpenSSL::SSL::SSLSocket#accept call * lib/webrick/server.rb (start_thread): call OpenSSL::SSL::SSLSocket#accept * test/webrick/test_ssl_server.rb (test_slow_connect): new test ---Files-------------------------------- 0001-webrick-do-not-hang-acceptor-on-slow-TLS-connections.patch (4.12 KB) -- https://bugs.ruby-lang.org/ Unsubscribe: