From nobody Fri Jul 18 18:30:30 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bkJJ751rLz62d5T; Fri, 18 Jul 2025 18:30:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bkJJ70hwFz3QQT; Fri, 18 Jul 2025 18:30:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1752863431; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pbAmUYjYoRbobYaC+b10GgS8r96Ij5W0wcKaOF6+pTo=; b=OX7qwe+joPNnd5ROe30rsw5wClCA7+eadbT1diMOCSDHqB+fAgdZ87hugC4gRZqgdwraJe ZOENHyicq62chXMhnSsUuiItoZQmbxSL2oZ1QWE9eUFcWrcy5M3jGUpkP1KgyAp8nmecI7 cGrH8W8KXp5yjb2s1hlsn3mFn/oA1OXOJlOC1dvRbsP3FooB/psq9NL5qEfbhffB8w2h/1 J88hkXLIp+VTWsbYwPeXyLMl6AX0Z1yfOYWHFfh1nARLzpw3PdGx2BuOu4ljnupWybJrsQ hyNcPaF7MEQZZ+l0y5x3BYScq5lHPFoTi6pdVju+WObnr52tu28O3hKh2o6Jrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1752863431; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pbAmUYjYoRbobYaC+b10GgS8r96Ij5W0wcKaOF6+pTo=; b=Ow9g7cAQPQQaoQoCpcWdejNZd+mvLkrHqhTX/1c/ojdRN9oH220Rt0slhL25H1GgWC8g10 mNSNS93rWBvtEnz+di0byQZctfMFL2OcNUMq4F/9pcHqr3zQFnv59bWOq536QP4NFcgHDE o90SXtRnmm1Qqj1GAZAqLOVEAn7DD1kG3sH/0XTq9sWldial0DjzOeCXM2dEv3PbLA6Rvl Rcmc13adq2MOme+1g3XtDZ7J9pGyQXD1NacVw1cW87U5LTnsOoEXie9l5OzGwko+TC3zZ8 8uM3k0Hhm8BeBjG2UaCP/SYkNXlHnVvZV08Yzvm26kDyCNRkCwbKd7n6FaVhpA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1752863431; a=rsa-sha256; cv=none; b=cHlp+IM5oWHGx9bTuHejf4z3hdgfrN0JryO3GqILm/++9mXUg8N8/sEbwG6h1tZHsoD9nh 5Hqk8pgblLGwb5ZrNY5frakZd4FppeQOldGgRGICLHgmiC6W7FydWUm+dd6GmpouVYpjzF I7/NKmKUlVUGuzw37k7Cg1ez3ofX2a2DJZT+oBg+ydRRDYrAVYjTKKjo7RritnjWL18LiR 38lh/7KffAiG62o4j+HOGfzX8qDIOY0DTAM4ZmdM4H/Ib0EagmiWi70X3X22zQrV82Etyt tzmgRPmHGC/jPKKD2Y+XxPFMJsBNKqG2I5hcLHZcIE2NBMsO1G0aTb2AWUu10w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bkJJ700fTzs5B; Fri, 18 Jul 2025 18:30:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 56IIUU40016656; Fri, 18 Jul 2025 18:30:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 56IIUUQA016653; Fri, 18 Jul 2025 18:30:30 GMT (envelope-from git) Date: Fri, 18 Jul 2025 18:30:30 GMT Message-Id: <202507181830.56IIUUQA016653@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Rick Macklem Subject: git: 2420e64c463a - main - rpctls_impl.c: Fix handling of hung rpc tls daemon List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2420e64c463a4873a7f0cb86837148bc66a6474a Auto-Submitted: auto-generated The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=2420e64c463a4873a7f0cb86837148bc66a6474a commit 2420e64c463a4873a7f0cb86837148bc66a6474a Author: Rick Macklem AuthorDate: 2025-07-18 18:27:50 +0000 Commit: Rick Macklem CommitDate: 2025-07-18 18:27:50 +0000 rpctls_impl.c: Fix handling of hung rpc tls daemon Commit 26ee05939209 replaced soshutdown() with soclose() for the case where the RPC TLS daemon has not removed the socket from the RB tree during an upcall. It turns out that soshutdown() is needed for the "else" case, which is the case that occurs when the daemon is stuck in SSL_accept() or SSL_connect(). This patch adds a soshutdown() call to this else case, which unsticks the daemon when the other end does not do the actual TLS handshake. This can occur if the daemon is not running at the other end. Reviewed by: glebius Differential Revision: https://reviews.freebsd.org/D51083 Fixes: 26ee05939209 ("rpctls_impl.c: Fix handling of socket for daemon failure") --- sys/rpc/rpcsec_tls/rpctls_impl.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/rpc/rpcsec_tls/rpctls_impl.c b/sys/rpc/rpcsec_tls/rpctls_impl.c index 93fe283e65fd..51fe270b13d9 100644 --- a/sys/rpc/rpcsec_tls/rpctls_impl.c +++ b/sys/rpc/rpcsec_tls/rpctls_impl.c @@ -240,6 +240,14 @@ rpctls_rpc_failed(struct upsock *ups, struct socket *so) * failed to do the handshake. */ mtx_unlock(&rpctls_lock); + /* + * Do a shutdown on the socket, since the daemon is + * probably stuck in SSL_accept() or SSL_connect() trying to + * read the socket. Do not soclose() the socket, since the + * daemon will close() the socket after SSL_accept() + * returns an error. + */ + soshutdown(so, SHUT_RD); } }