Update: Added more logging and call SSL_shutdown() more conditionally

2025-02-02 15:07:36 -05:00 · 2024-10-23 12:12:45 +00:00 · 2024-10-23 12:12:45 +00:00 · 889f2bfa94
commit 889f2bfa94
parent 25a4645245
2 changed files with 25 additions and 4 deletions
--- a/src/connection.c
+++ b/src/connection.c
@ -1099,23 +1099,30 @@ static int _need_body(client_queue_entry_t *node)
 {
    client_t *client = node->client;

-    if (node->tried_body)
+    if (node->tried_body) {
+        ICECAST_LOG_DEBUG("tried_body is true (client=%p)", client);
        return 0;
+    }

    if (client->parser->req_type == httpp_req_source) {
        /* SOURCE connection. */
+        ICECAST_LOG_DEBUG("SOURCE connection (client=%p)", client);
        return 0;
    } else if (client->parser->req_type == httpp_req_put) {
        /* PUT connection.
         * TODO: We may need body for /admin/ but we do not know if it's an admin request yet.
         */
+        ICECAST_LOG_DEBUG("PUT connection (client=%p)", client);
        return 0;
    } else if (client->request_body_length != -1 && (size_t)client->request_body_length != client->request_body_read) {
+        ICECAST_LOG_DEBUG("request_body_length missmatch (client=%p)", client);
        return 1;
    } else if (client->request_body_length == -1 && client_body_eof(client) == 0) {
+        ICECAST_LOG_DEBUG("Unknown body length (client=%p)", client);
        return 1;
    }

+    ICECAST_LOG_DEBUG("No body (client=%p)", client);
    return 0;
 }

--- a/src/tls.c
+++ b/src/tls.c
@ -53,6 +53,7 @@ struct tls_tag {
    SSL *ssl;
    tls_ctx_t *ctx;
    bool error;
+    bool no_shutdown;
 };

 void       tls_initialize(void)
@ -164,6 +165,8 @@ tls_t     *tls_new(tls_ctx_t *ctx)
    tls->ssl  = ssl;
    tls->ctx  = ctx;

+    ICECAST_LOG_DEBUG("tls_new(ctx=%p) = %p", ctx, tls);
+
    return tls;
 }
 void       tls_ref(tls_t *tls)
@ -183,7 +186,14 @@ void       tls_unref(tls_t *tls)
    if (tls->refc)
        return;

-    SSL_shutdown(tls->ssl);
+    if (!tls->no_shutdown) {
+        int ret = SSL_shutdown(tls->ssl);
+        if (ret < 0) {
+            int error = SSL_get_error(tls->ssl, ret);
+            ICECAST_LOG_DEBUG("Shutdown unsuccessful: tls=%p, ret=%i, error=%i", tls, ret, error);
+        }
+    }
+
    SSL_free(tls->ssl);

    if (tls->ctx)
@ -252,9 +262,11 @@ ssize_t    tls_read(tls_t *tls, void *buffer, size_t len)

    if (ret <= 0 && !tls->error) {
        int error = SSL_get_error(tls->ssl, ret);
-        ICECAST_LOG_DDEBUG("Zero read on TLS (tls=%p, ret=%i, error=%i)", tls, ret, error);
+        ICECAST_LOG_DEBUG("Zero read on TLS (tls=%p, ret=%i, error=%i)", tls, ret, error);
        if (error == SSL_ERROR_SYSCALL || error == SSL_ERROR_SSL)
            tls->error = true;
+        if (error == SSL_ERROR_SSL)
+            tls->no_shutdown = true;
    }

    return ret;
@ -270,8 +282,10 @@ ssize_t    tls_write(tls_t *tls, const void *buffer, size_t len)

    if (ret <= 0) {
        switch (SSL_get_error(tls->ssl, ret)) {
-            case SSL_ERROR_SYSCALL:
            case SSL_ERROR_SSL:
+                tls->no_shutdown = true;
+                /* fall thru */
+            case SSL_ERROR_SYSCALL:
                return -1;
                break;
            default: