Do not TLS close_notify when resetting a TCP connection (#1944)

squid-cache · Nov 23, 2024 · f157e3a · f157e3a
1 parent 7960006
commit f157e3a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/src/comm.cc b/src/comm.cc
@@ -783,6 +783,8 @@ commConfigureLinger(const int fd, const OnOff enabled)
     l.l_onoff = (enabled == OnOff::on ? 1 : 0);
     l.l_linger = 0; // how long to linger for, in seconds
 
+    fd_table[fd].flags.harshClosureRequested = (l.l_onoff && !l.l_linger); // close(2) sends TCP RST if true
+
     if (setsockopt(fd, SOL_SOCKET, SO_LINGER, reinterpret_cast<char*>(&l), sizeof(l)) < 0) {
         const auto xerrno = errno;
         debugs(50, DBG_CRITICAL, "ERROR: Failed to set closure behavior (SO_LINGER) for FD " << fd << ": " << xstrerr(xerrno));
@@ -877,7 +879,7 @@ _comm_close(int fd, char const *file, int line)
     // For simplicity sake, we remain in the caller's context while still
     // allowing individual advanced callbacks to overwrite it.
 
-    if (F->ssl) {
+    if (F->ssl && !F->flags.harshClosureRequested) {
         const auto startCall = asyncCall(5, 4, "commStartTlsClose",
                                          callDialer(commStartTlsClose, fd));
         ScheduleCallHere(startCall);

diff --git a/src/fde.h b/src/fde.h
@@ -127,6 +127,8 @@ class fde
         bool read_pending = false;
         //bool write_pending; //XXX seems not to be used
         bool transparent = false;
+        /// whether comm_reset_close() (or old_comm_reset_close()) has been called
+        bool harshClosureRequested = false;
     } flags;
 
     int64_t bytes_read = 0;