Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 767dedd9a300e93c01e17a8ddffaf1f57b480212
commit767dedd9a300e93c01e17a8ddffaf1f57b480212[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Thu Jan 21 08:53:50 2021 +0100
committerWilly Tarreau <w@1wt.eu>Thu Jan 28 18:13:36 2021 +0100
tree54514f7e72419ec0a245ae7de331682a4513d46e
parent9e1771423d5b08b5207a160dff3a98ab59aa0f02 [diff]
MINOR: ssl/show_fd: report some FDs as suspicious when possible

If a subscriber's tasklet was called more than one million times, if
the ssl_ctx's connection doesn't match the current one, or if the
connection appears closed in one direction while the SSL stack is
still subscribed, the FD is reported as suspicious. The close cases
may occasionally trigger a false positive during very short and rare
windows. Similarly the 1M calls will trigger after 16GB are transferred
over a given connection. These are rare enough events to be reported as
suspicious.

(cherry picked from commit 4bd5d630ace94ee6b4cbb7375ec75f50a927a826)
Signed-off-by: Willy Tarreau <w@1wt.eu>
1 file changed
tree: 54514f7e72419ec0a245ae7de331682a4513d46e
  1. .github/
  2. contrib/
  3. doc/
  4. examples/
  5. include/
  6. reg-tests/
  7. scripts/
  8. src/
  9. tests/
  10. .cirrus.yml
  11. .gitattributes
  12. .gitignore
  13. .travis.yml
  14. BRANCHES
  15. CHANGELOG
  16. CONTRIBUTING
  17. INSTALL
  18. LICENSE
  19. MAINTAINERS
  20. Makefile
  21. README
  22. ROADMAP
  23. SUBVERS
  24. VERDATE
  25. VERSION