Bug #24634
closed
Smart proxy webrick 1.3 does not timeout SSL connections
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1614087
Description of problem:
Smart Proxy will crash and stop responding to any request after overloaded with huge number of requests.
I can reproduce this issue by sending 1000 requests to the foreman proxy at the same time. Send higher number of requests will guarantee reproduced.
It is only reproduced on:
- Satellite >=6.3. I can't reproduce it on Satellite 6.2.15
- On port 9090. Port 8000 is fine.
Steps:
1) Run this in a terminal. Expecting many request timeout errors
foreman-rake console
1000.times { Thread.new { begin; RestClient::Resource.new('https://127.0.0.1:9090/features', verify_ssl: OpenSSL::SSL::VERIFY_NONE).get; rescue StandardError => e; p e.message; end } }
2) On another terminal. Run the below command to check the connections.
lsof -i :9090 | wc -l
3) The issue is produced when you see a stuck connection.
lsof i :9090>localhost:58542 (ESTABLISHED) <====== This
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ruby 1728 foreman-proxy 8u IPv4 68616 0t0 TCP *:websm (LISTEN)
ruby 1728 foreman-proxy 12u IPv4 27104675 0t0 TCP localhost:websm
- curl -v -k https://127.0.0.1:9090/features
- About to connect() to 127.0.0.1 port 9090 (#0)
- Trying 127.0.0.1...
- Connected to 127.0.0.1 (127.0.0.1) port 9090 (#0)
- Initializing NSS with certpath: sql:/etc/pki/nssdb
- STUCK FOREVER ##########
5) Restart foremon-proxy fixed the issue.
Updated by 
Updated by 
Updated by