[ovs-dev] [PATCH] Shutdown SSL connection before closing socket

Mark Michelson mmichels at redhat.com
Wed Jul 10 17:17:43 UTC 2019


On 7/10/19 12:11 PM, Terry Wilson wrote:
> An example of a reproducer script attached. If you enable SSL and OVN w/
> the sandbox and run it, looking in the sandbox/nb1.log you'll see the
> disconnect errors that the patch makes go away.
> 

Hi Terry. It looks like the mailing list has eaten your attachment. If 
possible, can you include it in-line?

> On Wed, Jul 10, 2019 at 11:07 AM Terry Wilson <twilson at redhat.com> wrote:
> 
>> Without shutting down the SSL connection, log messages like:
>>
>> stream_ssl|WARN|SSL_read: unexpected SSL connection close
>> jsonrpc|WARN|ssl:127.0.0.1:47052: receive error: Protocol error
>> reconnect|WARN|ssl:127.0.0.1:47052: connection dropped (Protocol error)
>>
>> would occur whenever the socket is closed. This just adds an
>> SSLStream.close() that calls shutdown() and ignores read/write
>> errors.
>>
>> Signed-off-by: Terry Wilson <twilson at redhat.com>
>> ---
>>   python/ovs/stream.py | 8 ++++++++
>>   1 file changed, 8 insertions(+)
>>
>> diff --git a/python/ovs/stream.py b/python/ovs/stream.py
>> index c15be4b..fd1045e 100644
>> --- a/python/ovs/stream.py
>> +++ b/python/ovs/stream.py
>> @@ -825,6 +825,14 @@ class SSLStream(Stream):
>>           except SSL.SysCallError as e:
>>               return -ovs.socket_util.get_exception_errno(e)
>>
>> +    def close(self):
>> +        if self.socket:
>> +            try:
>> +                self.socket.shutdown()
>> +            except (SSL.WantReadError, SSL.WantWriteError):
>> +                pass
>> +        return super(SSLStream, self).close()
>> +
>>
>>   if SSL:
>>       # Register SSL only if the OpenSSL module is available
>> --
>> 1.8.3.1
>>
>>
>>
>> _______________________________________________
>> dev mailing list
>> dev at openvswitch.org
>> https://mail.openvswitch.org/mailman/listinfo/ovs-dev



More information about the dev mailing list