Merge pull request #7864 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203

Add timeout for boost::asio::ssl::stream#async_shutdown()
2020-10-19 15:25:12 +02:00 · 2020-10-19 15:25:12 +02:00 · a32c1bf910
parent f60ae93717 19c632e44b
commit a32c1bf910
4 changed files with 81 additions and 22 deletions
--- a/lib/base/io-engine.cpp
+++ b/lib/base/io-engine.cpp
@ -144,3 +144,11 @@ void AsioConditionVariable::Wait(boost::asio::yield_context yc)
 	boost::system::error_code ec;
 	m_Timer.async_wait(yc[ec]);
 }
+
+void Timeout::Cancel()
+{
+	m_Cancelled.store(true);
+
+	boost::system::error_code ec;
+	m_Timer.cancel(ec);
+}
--- a/lib/base/io-engine.hpp
+++ b/lib/base/io-engine.hpp
@ -6,10 +6,12 @@
 #include "base/exception.hpp"
 #include "base/lazy-init.hpp"
 #include "base/logger.hpp"
+#include "base/shared-object.hpp"
 #include <atomic>
 #include <exception>
 #include <memory>
 #include <thread>
+#include <utility>
 #include <vector>
 #include <stdexcept>
 #include <boost/exception/all.hpp>
@ -153,6 +155,56 @@ private:
 	boost::asio::deadline_timer m_Timer;
 };

+/**
+ * I/O timeout emulator
+ *
+ * @ingroup base
+ */
+class Timeout : public SharedObject
+{
+public:
+	DECLARE_PTR_TYPEDEFS(Timeout);
+
+	template<class Executor, class TimeoutFromNow, class OnTimeout>
+	Timeout(boost::asio::io_context& io, Executor& executor, TimeoutFromNow timeoutFromNow, OnTimeout onTimeout)
+		: m_Timer(io)
+	{
+		Ptr keepAlive (this);
+
+		m_Cancelled.store(false);
+		m_Timer.expires_from_now(std::move(timeoutFromNow));
+
+		IoEngine::SpawnCoroutine(executor, [this, keepAlive, onTimeout](boost::asio::yield_context yc) {
+			if (m_Cancelled.load()) {
+				return;
+			}
+
+			{
+				boost::system::error_code ec;
+
+				m_Timer.async_wait(yc[ec]);
+
+				if (ec) {
+					return;
+				}
+			}
+
+			if (m_Cancelled.load()) {
+				return;
+			}
+
+			auto f (onTimeout);
+			f(std::move(yc));
+		});
+	}
+
+	void Cancel();
+
+private:
+	boost::asio::deadline_timer m_Timer;
+	std::atomic<bool> m_Cancelled;
+};
+
 }

 #endif /* IO_ENGINE_H */
--- a/lib/remote/apilistener.cpp
+++ b/lib/remote/apilistener.cpp
@ -542,32 +542,19 @@ void ApiListener::NewClientHandlerInternal(
 	boost::system::error_code ec;

 	{
-		struct DoneHandshake
-		{
-			bool Done = false;
-		};
-
-		auto doneHandshake (Shared<DoneHandshake>::Make());
-
-		IoEngine::SpawnCoroutine(*strand, [strand, client, doneHandshake](asio::yield_context yc) {
-			namespace sys = boost::system;
-
-			{
-				boost::asio::deadline_timer timer (strand->context());
-				timer.expires_from_now(boost::posix_time::microseconds(intmax_t(Configuration::TlsHandshakeTimeout * 1000000)));
-
-				sys::error_code ec;
-				timer.async_wait(yc[ec]);
-			}
-
-			if (!doneHandshake->Done) {
-				sys::error_code ec;
+		Timeout::Ptr handshakeTimeout (new Timeout(
+			strand->context(),
+			*strand,
+			boost::posix_time::microseconds(intmax_t(Configuration::TlsHandshakeTimeout * 1000000)),
+			[strand, client](asio::yield_context yc) {
+				boost::system::error_code ec;
 				client->lowest_layer().cancel(ec);
 			}
-		});
+		));

 		sslConn.async_handshake(role == RoleClient ? sslConn.client : sslConn.server, yc[ec]);
-		doneHandshake->Done = true;
+
+		handshakeTimeout->Cancel();
 	}

 	if (ec) {
--- a/lib/remote/jsonrpcconnection.cpp
+++ b/lib/remote/jsonrpcconnection.cpp
@ -235,8 +235,20 @@ void JsonRpcConnection::Disconnect()

 			m_Stream->lowest_layer().cancel(ec);

+			Timeout::Ptr shutdownTimeout (new Timeout(
+				m_IoStrand.context(),
+				m_IoStrand,
+				boost::posix_time::seconds(10),
+				[this, keepAlive](asio::yield_context yc) {
+					boost::system::error_code ec;
+					m_Stream->lowest_layer().cancel(ec);
+				}
+			));
+
 			m_Stream->next_layer().async_shutdown(yc[ec]);

+			shutdownTimeout->Cancel();
+
 			m_Stream->lowest_layer().shutdown(m_Stream->lowest_layer().shutdown_both, ec);
 		}
 	});