httpd running with fastcgi leaks the file descriptor if it opens the
socket but fails to connect it. Can be demonstrated by starting httpd
with a fastcgi config, opening a silly amount of sockets and throwing a
bunch of requests at it (eg. with apache bench) so the connections fail.
$ fstat | grep httpd | wc -l
57
$ ab -n 10000 -c 500 http://127.0.0.1/fcgitest/
$ grep 'Connection refused' /var/www/logs/error.log | wc -l
4540
4540 + 57 is...
$ fstat | grep httpd | wc -l
4597
If clt_fd is already set to fd, it will be closed when
server_abort_http() calls server_close() which calls close(), but
if fail happened before it was set, fd needs to be closed here.
Index: usr.sbin/httpd/server_fcgi.c
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/server_fcgi.c,v
retrieving revision 1.64
diff -u -p -u -r1.64 server_fcgi.c
--- usr.sbin/httpd/server_fcgi.c 20 Aug 2015 13:00:23 -0000 1.64
+++ usr.sbin/httpd/server_fcgi.c 7 Oct 2015 11:49:30 -0000
@@ -399,6 +399,8 @@ server_fcgi(struct httpd *env, struct cl
free(script);
if (errstr == NULL)
errstr = strerror(errno);
+ if (fd != -1 && clt->clt_fd != fd)
+ close(fd);
server_abort_http(clt, 500, errstr);
return (-1);
}
Also, a small grammatical fix:
Index: usr.sbin/httpd/server_fcgi.c
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/server_fcgi.c,v
retrieving revision 1.64
diff -u -p -u -r1.64 server_fcgi.c
--- usr.sbin/httpd/server_fcgi.c 20 Aug 2015 13:00:23 -0000 1.64
+++ usr.sbin/httpd/server_fcgi.c 7 Oct 2015 11:49:01 -0000
@@ -130,7 +130,7 @@ server_fcgi(struct httpd *env, struct cl
len = strlcpy(sun.sun_path,
srv_conf->socket, sizeof(sun.sun_path));
if (len >= sizeof(sun.sun_path)) {
- errstr = "socket path to long";
+ errstr = "socket path too long";
goto fail;
}
sun.sun_len = len;
--
Carlin
