Kern Sibbald wrote:
> OK, comment out line 578 of <bacula-source>/src/lib/tls.c that reads:
>
> bnet_restore_blocking(bsock, flags);
I tried this, and it didn't seem to make any difference - TCP streams still
closed out with RST. I noticed the commends in tls_bsock_shutdown about
calling SSL_shutdown twice. I searched around a bit, and found this:
http://www.openssl.org/docs/ssl/SSL_shutdown.html
"It is therefore recommended, to check the return value of SSL_shutdown() and
call SSL_shutdown() again, if the bidirectional shutdown is not yet complete
(return value of the first call is 0)."
So I tried doing this (see attached patch), and the RST was gone! All TCP
streams closed out nicely with FIN/ACK. I've put this fix on the systems that
have been failing, and will report back after tonight's backup run.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
--- bacula-2.0.3/src/lib/tls.c 2007-01-23 20:59:13.000000000 -0500
+++ bacula-2.0.3-ssl-double-shutdown/src/lib/tls.c 2007-06-24
18:02:15.000000000 -0400
@@ -561,6 +561,10 @@
err = SSL_shutdown(bsock->tls->openssl);
+ if(err == 0){
+ err = SSL_shutdown(bsock->tls->openssl);
+ }
+
switch (SSL_get_error(bsock->tls->openssl, err)) {
case SSL_ERROR_NONE:
break;
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Bacula-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bacula-devel
