During a reload, the old process is still alive until all connections are
closed. There is a chance that the connections are HTTP keepalived ones, which
may not be reused. Hence, those connections will remain alive until a timeout
expires.
It is possible to detect such connections and immediately close them. An
exception is made when the previous HTTP status code is 401 or 407 in order
to leave NTLM sessions as is.
---
src/proxy.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/src/proxy.c b/src/proxy.c
index dc6d3e1..0207642 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -983,6 +983,28 @@ int pause_proxy(struct proxy *p)
}
+void sessions_cleanup(struct proxy *p)
+{
+ struct stream *s;
+
+ if (!(p->cap & PR_CAP_FE))
+ return;
+
+ list_for_each_entry(s, &streams, list) {
+ struct session *sess = s->sess;
+
+ if (sess && sess->fe == p) {
+ struct http_txn *txn = s->txn;
+
+ if (txn) {
+ int prev_status = txn->status;
+ if (txn->flags & TX_WAIT_NEXT_RQ &&
!(prev_status == 401 || prev_status == 407))
+ stream_shutdown(s, SF_ERR_KILLED);
+ }
+ }
+ }
+}
+
/*
* This function completely stops a proxy and releases its listeners. It has
* to be called when going down in order to release the ports so that another
@@ -1002,6 +1024,7 @@ void stop_proxy(struct proxy *p)
jobs--;
}
}
+ sessions_cleanup(p);
p->state = PR_STSTOPPED;
}
--
2.10.2
