Why am I not fully releasing this SSL listener?

44 views
Skip to first unread message

Sage Gerard

unread,
Jul 24, 2020, 12:19:10 PM7/24/20
to Racket Users
I'm trying to understand how I am failing to shut down an ssl-listener on v7.7.0.5.

https://gist.github.com/zyrolasting/bc5477bfa60d7185d0f53a5142545f88 shows my use of ssl-* procedures to transmit data using test.pem. The problem is that I cannot run the test submodule twice in a row because the listening port is still occupied on subsequent runs. I added ssl-close on top of a custodian shutdown and that problem reproduces.

For comparison, https://gist.github.com/zyrolasting/3feb0ff4ecdf0b49bcf3e0ed8b630a06 avoids the ssl-* procedures and just uses vanilla TCP. I can run the tests fine then.

But in looking at mzssl.rkt in the source, it looks like shutdown requires calling a foreign function via SSL_shutdown. https://github.com/racket/racket/blob/master/racket/collects/openssl/mzssl.rkt#L1417

Do I have to call ports->ssl-ports out of band just so closing them sends a shut down as a side-effect? Or is keeping the port occupied between test runs a bug?

~slg


Ryan Culpepper

unread,
Jul 24, 2020, 1:27:47 PM7/24/20
to Sage Gerard, Racket Users
If you create the ssl-listener with reuse?=true instead, like this

  (define listener (ssl-listen port 5 #f #t ctx))

does the problem go away? If so, the error might happen because the OS reserves the port number for a while after the listener is closed; see the paragraph about TIME_WAIT in the tcp-listener docs. If that's the issue, I'm a little confused why the TCP version would succeed, though.

I believe SSL_shutdown is completely unrelated to the state of the TCP ports. Think of it like a "Connection: close" HTTP header; it announces your intention to close the TCP connection soon, but it has no actual effect on the transport layer.

Ryan


--
You received this message because you are subscribed to the Google Groups "Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to racket-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/EclLZhgUYlzvOx_uS0Ec154iNVVwXxNeZWcTIDzd72lwkA3M2OhVf8AW_cVMVUudM50kLuLVvnnnmiRGvZDvz5tPSUVOqFkC2LVI-2LY18Q%3D%40sagegerard.com.

Sage Gerard

unread,
Jul 25, 2020, 1:39:29 AM7/25/20
to ry...@racket-lang.org, racket...@googlegroups.com
Switching the reuse? flag does resolve the issue, thanks! I'm also confused about the part you mention since reuse? is passed right along to tcp-listen in mzssl.rkt. Only difference I can point to is my explicitly calling ssl-close and therefore tcp-close before a custodian shutdown. But it sounds like you are saying the OS may temporarily reserve the port in spite of me doing that.



-------- Original Message --------
Reply all
Reply to author
Forward
0 new messages