| Message ID | 1562850020-10149-1-git-send-email-twilson@redhat.com |
|---|---|
| State | Accepted |
| Commit | 5fe179987d14ff38cce345dbbe57ef1ffe7853cc |
| Headers | show |
| Series | [ovs-dev,v2] Shutdown SSL connection before closing socket | expand |
Acked-By: Daniel Alvarez <dalvarez@redhat.com> On Thu, Jul 11, 2019 at 3:08 PM Terry Wilson <twilson@redhat.com> wrote: > > Without shutting down the SSL connection, log messages like: > > stream_ssl|WARN|SSL_read: unexpected SSL connection close > jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error > reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error) > > would occur whenever the socket is closed. This just adds an > SSLStream.close() that calls shutdown() and ignores SSL errors, the > same way that lib/stream-ssl.c does in ssl_close(). > > Signed-off-by: Terry Wilson <twilson@redhat.com> > --- > python/ovs/stream.py | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/python/ovs/stream.py b/python/ovs/stream.py > index c15be4b..a98057e 100644 > --- a/python/ovs/stream.py > +++ b/python/ovs/stream.py > @@ -825,6 +825,14 @@ class SSLStream(Stream): > except SSL.SysCallError as e: > return -ovs.socket_util.get_exception_errno(e) > > + def close(self): > + if self.socket: > + try: > + self.socket.shutdown() > + except SSL.Error: > + pass > + return super(SSLStream, self).close() > + > > if SSL: > # Register SSL only if the OpenSSL module is available > -- > 1.8.3.1 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
On Tue, Jul 16, 2019 at 7:44 PM Daniel Alvarez Sanchez <dalvarez@redhat.com> wrote: > Acked-By: Daniel Alvarez <dalvarez@redhat.com> > > On Thu, Jul 11, 2019 at 3:08 PM Terry Wilson <twilson@redhat.com> wrote: > > > > Without shutting down the SSL connection, log messages like: > > > > stream_ssl|WARN|SSL_read: unexpected SSL connection close > > jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error > > reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error) > > > > would occur whenever the socket is closed. This just adds an > > SSLStream.close() that calls shutdown() and ignores SSL errors, the > > same way that lib/stream-ssl.c does in ssl_close(). > > > > Signed-off-by: Terry Wilson <twilson@redhat.com> > Acked-by: Numan Siddique <nusiddiq@redhat.com> > > --- > > python/ovs/stream.py | 8 ++++++++ > > 1 file changed, 8 insertions(+) > > > > diff --git a/python/ovs/stream.py b/python/ovs/stream.py > > index c15be4b..a98057e 100644 > > --- a/python/ovs/stream.py > > +++ b/python/ovs/stream.py > > @@ -825,6 +825,14 @@ class SSLStream(Stream): > > except SSL.SysCallError as e: > > return -ovs.socket_util.get_exception_errno(e) > > > > + def close(self): > > + if self.socket: > > + try: > > + self.socket.shutdown() > > + except SSL.Error: > > + pass > > + return super(SSLStream, self).close() > > + > > > > if SSL: > > # Register SSL only if the OpenSSL module is available > > -- > > 1.8.3.1 > > > > _______________________________________________ > > dev mailing list > > dev@openvswitch.org > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev >
On Thu, Jul 11, 2019 at 08:00:20AM -0500, Terry Wilson wrote: > Without shutting down the SSL connection, log messages like: > > stream_ssl|WARN|SSL_read: unexpected SSL connection close > jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error > reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error) > > would occur whenever the socket is closed. This just adds an > SSLStream.close() that calls shutdown() and ignores SSL errors, the > same way that lib/stream-ssl.c does in ssl_close(). > > Signed-off-by: Terry Wilson <twilson@redhat.com> I applied this to master a few days ago, but it looks like I forgot to point it out at the time.
Thanks! Could I get a backport to whatever branches backports are still available for? I tested that it applied cleanly on 2.9 and passed tests there. That code hasn't changed in a while. On Tue, Jul 16, 2019 at 12:20 PM Ben Pfaff <blp@ovn.org> wrote: > On Thu, Jul 11, 2019 at 08:00:20AM -0500, Terry Wilson wrote: > > Without shutting down the SSL connection, log messages like: > > > > stream_ssl|WARN|SSL_read: unexpected SSL connection close > > jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error > > reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error) > > > > would occur whenever the socket is closed. This just adds an > > SSLStream.close() that calls shutdown() and ignores SSL errors, the > > same way that lib/stream-ssl.c does in ssl_close(). > > > > Signed-off-by: Terry Wilson <twilson@redhat.com> > > I applied this to master a few days ago, but it looks like I forgot to > point it out at the time. >
diff --git a/python/ovs/stream.py b/python/ovs/stream.py index c15be4b..a98057e 100644 --- a/python/ovs/stream.py +++ b/python/ovs/stream.py @@ -825,6 +825,14 @@ class SSLStream(Stream): except SSL.SysCallError as e: return -ovs.socket_util.get_exception_errno(e) + def close(self): + if self.socket: + try: + self.socket.shutdown() + except SSL.Error: + pass + return super(SSLStream, self).close() + if SSL: # Register SSL only if the OpenSSL module is available
Without shutting down the SSL connection, log messages like: stream_ssl|WARN|SSL_read: unexpected SSL connection close jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error) would occur whenever the socket is closed. This just adds an SSLStream.close() that calls shutdown() and ignores SSL errors, the same way that lib/stream-ssl.c does in ssl_close(). Signed-off-by: Terry Wilson <twilson@redhat.com> --- python/ovs/stream.py | 8 ++++++++ 1 file changed, 8 insertions(+)