summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-08-20 04:38:35 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:33:34 -0500
commitfd74e3e1f5eb1a20be773627864415676b0cec21 (patch)
tree23a359a147c088cb5735c25d7fecf5b94794f8a1
parent3fd6b47502bac57ca720e372d80843ae63c02723 (diff)
downloadsamba-fd74e3e1f5eb1a20be773627864415676b0cec21.tar.gz
samba-fd74e3e1f5eb1a20be773627864415676b0cec21.tar.bz2
samba-fd74e3e1f5eb1a20be773627864415676b0cec21.zip
r9409: fix a problem that volker noticed with web page timeouts causing smbd
to crash. This is one of the downsides of the fact that the ejs engine is not event driven, resulting in the rendering of each web page being 'semi-async'. We need to protect the web context from the timeout processing until we have unwound the stack back to the point that the 'web' variable representing the page rendering logic won't be used any more. (This used to be commit 97e3c9eaf1a917eb504a2c3414c5d2b64cd4539a)
-rw-r--r--source4/web_server/http.c11
-rw-r--r--source4/web_server/web_server.c16
2 files changed, 25 insertions, 2 deletions
diff --git a/source4/web_server/http.c b/source4/web_server/http.c
index 7bb45afc1e..7aa99b09f6 100644
--- a/source4/web_server/http.c
+++ b/source4/web_server/http.c
@@ -501,6 +501,7 @@ static void esp_request(struct esp_state *esp, const char *url)
return;
}
#endif
+
res = espProcessRequest(esp->req, url, buf, &emsg);
if (res != 0 && emsg) {
http_writeBlock(web, "<pre>", 5);
@@ -866,6 +867,12 @@ void http_process_input(struct websrv_context *web)
}
}
+ if (web->conn == NULL) {
+ /* the connection has been terminated above us, probably
+ via a timeout */
+ goto internal_error;
+ }
+
if (!web->output.output_pending) {
http_output_headers(web);
EVENT_FD_WRITEABLE(web->conn->event.fde);
@@ -909,7 +916,9 @@ void http_process_input(struct websrv_context *web)
internal_error:
mprSetCtx(esp);
talloc_free(esp);
- http_error(web, 500, "Internal server error");
+ if (web->conn != NULL) {
+ http_error(web, 500, "Internal server error");
+ }
mprSetCtx(save_mpr_ctx);
ejs_restore_state(ejs_save);
}
diff --git a/source4/web_server/web_server.c b/source4/web_server/web_server.c
index 4962185526..e85c4f20c7 100644
--- a/source4/web_server/web_server.c
+++ b/source4/web_server/web_server.c
@@ -52,7 +52,11 @@ static void websrv_timeout(struct event_context *event_context,
struct timeval t, void *private)
{
struct websrv_context *web = talloc_get_type(private, struct websrv_context);
- stream_terminate_connection(web->conn, "websrv_timeout: timed out");
+ struct stream_connection *conn = web->conn;
+ web->conn = NULL;
+ /* TODO: send a message to any running esp context on this connection
+ to stop running */
+ stream_terminate_connection(conn, "websrv_timeout: timed out");
}
/*
@@ -108,7 +112,17 @@ static void websrv_recv(struct stream_connection *conn, uint16_t flags)
web->input.partial.data[web->input.content_length] = 0;
}
EVENT_FD_NOT_READABLE(web->conn->event.fde);
+
+ /* the reference/unlink code here is quite subtle. It
+ is needed because the rendering of the web-pages, and
+ in particular the esp/ejs backend, is semi-async. So
+ we could well end up in the connection timeout code
+ while inside http_process_input(), but we must not
+ destroy the stack variables being used by that
+ rendering process when we handle the timeout. */
+ talloc_reference(web->task, web);
http_process_input(web);
+ talloc_unlink(web->task, web);
}
return;