From 24b9f66dcdda44378b4053645333ce9ce336b413 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Sat, 17 Aug 2013 01:09:46 +0000 Subject: http_server: improve handling of client-triggerable socket errors We do not attempt to write HTTP responses for socket errors if clients disconnect from us unexpectedly. Additionally, we do not hide backtraces EINVAL/EBADF errors, since they are indicative of real bugs which must be fixed. We do continue to hide hide EOF, ECONNRESET, ENOTCONN, and EPIPE because clients (even "friendly") ones will break connections due to client crashes or network failure (which is common for me :P), and the backtraces from those will cause excessive logging and even become a DoS vector. --- lib/unicorn/http_server.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/unicorn/http_server.rb b/lib/unicorn/http_server.rb index cc0a705..bed24d0 100644 --- a/lib/unicorn/http_server.rb +++ b/lib/unicorn/http_server.rb @@ -520,9 +520,8 @@ class Unicorn::HttpServer # the socket is closed at the end of this function def handle_error(client, e) code = case e - when EOFError,Errno::ECONNRESET,Errno::EPIPE,Errno::EINVAL,Errno::EBADF, - Errno::ENOTCONN - 500 + when EOFError,Errno::ECONNRESET,Errno::EPIPE,Errno::ENOTCONN + # client disconnected on us and there's nothing we can do when Unicorn::RequestURITooLongError 414 when Unicorn::RequestEntityTooLargeError @@ -533,7 +532,9 @@ class Unicorn::HttpServer Unicorn.log_error(@logger, "app error", e) 500 end - client.kgio_trywrite(err_response(code, @request.response_start_sent)) + if code + client.kgio_trywrite(err_response(code, @request.response_start_sent)) + end client.close rescue end -- cgit v1.2.3-24-ge0c7