rack-devel archive mirror (unofficial) https://groups.google.com/group/rack-devel
 help / color / mirror / code / Atom feed
* Close body object after socket hijacking or not?
@ 2015-02-02 21:26 Hongli Lai
  2015-04-17 20:43 ` Eric Wong
  0 siblings, 1 reply; 7+ messages in thread
From: Hongli Lai @ 2015-02-02 21:26 UTC (permalink / raw)
  To: rack-devel


[-- Attachment #1.1: Type: text/plain, Size: 1224 bytes --]

Some users are experiencing problems with Rack::Lock and socket hijacking 
in combination with some servers, such as Phusion Passenger. They've 
noticed that when Rack::Lock is used in a request that hijacks the socket, 
the next request fails with "deadlock; recursive locking" inside Rack::Lock.

I've posted the results of my investigation 
here: https://github.com/ngauthier/tubesock/issues/10#issuecomment-72539461. 
But the bottom line is that different servers handle the response body 
object differently in the face of socket hijacking.

So I'd like to have clarification on the following question: are servers 
supposed to call #close on the body object or not, after the request as 
been hijacked? The way the specification is currently written is ambiguous. 
It seems to imply that servers must only call #close on the body object if 
the request was partially hijacked, but not when the request was fully 
hijacked.

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[-- Attachment #1.2: Type: text/html, Size: 1455 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-02-02 21:26 Close body object after socket hijacking or not? Hongli Lai
@ 2015-04-17 20:43 ` Eric Wong
  2015-05-29 14:09   ` Hongli Lai
  0 siblings, 1 reply; 7+ messages in thread
From: Eric Wong @ 2015-04-17 20:43 UTC (permalink / raw)
  To: rack-devel

I would like clarication on this issue, too.  Ping?

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-04-17 20:43 ` Eric Wong
@ 2015-05-29 14:09   ` Hongli Lai
  2015-06-04  2:11     ` Eric Wong
  0 siblings, 1 reply; 7+ messages in thread
From: Hongli Lai @ 2015-05-29 14:09 UTC (permalink / raw)
  To: rack-devel; +Cc: e


[-- Attachment #1.1: Type: text/plain, Size: 800 bytes --]

On Friday, April 17, 2015 at 10:43:38 PM UTC+2, Eric Wong wrote:
>
> I would like clarication on this issue, too.  Ping? 
>

No clarification has appeared. But as far as I'm concerned, closing the 
body anyway is the best thing to do. Rack::Lock is currently broken if we 
*don't* close the body upon hijacking, and there seems to be no 
alternative. I'll modify Passenger to follow this behavior. Starting from 
version 5.0.9, Passenger will also close the body upon hijacking, just like 
Puma and Thin.

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[-- Attachment #1.2: Type: text/html, Size: 1147 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-05-29 14:09   ` Hongli Lai
@ 2015-06-04  2:11     ` Eric Wong
  2015-06-04  6:53       ` Hongli Lai
  0 siblings, 1 reply; 7+ messages in thread
From: Eric Wong @ 2015-06-04  2:11 UTC (permalink / raw)
  To: rack-devel; +Cc: Marc-André Cournoyer, Hongli Lai

Hongli Lai <honglilai@gmail.com> wrote:
> On Friday, April 17, 2015 at 10:43:38 PM UTC+2, Eric Wong wrote:
> >
> > I would like clarication on this issue, too.  Ping? 
> >
> 
> No clarification has appeared. But as far as I'm concerned, closing the 
> body anyway is the best thing to do. Rack::Lock is currently broken if we 
> *don't* close the body upon hijacking, and there seems to be no 
> alternative. I'll modify Passenger to follow this behavior. Starting from 
> version 5.0.9, Passenger will also close the body upon hijacking, just like 
> Puma and Thin.

Where does thin do this?  I can see puma doing it, but it doesn't look
like thin supports hijack at all.

git clone git://github.com/macournoyer/thin && cd thin && git grep -i hijack
<no output from git grep>

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-06-04  2:11     ` Eric Wong
@ 2015-06-04  6:53       ` Hongli Lai
  2015-06-04 12:38         ` Marc-André Cournoyer
  0 siblings, 1 reply; 7+ messages in thread
From: Hongli Lai @ 2015-06-04  6:53 UTC (permalink / raw)
  To: Eric Wong; +Cc: rack-devel, Marc-André Cournoyer

On Thu, Jun 4, 2015 at 4:11 AM, Eric Wong <e@80x24.org> wrote:
> Where does thin do this?  I can see puma doing it, but it doesn't look
> like thin supports hijack at all.
>
> git clone git://github.com/macournoyer/thin && cd thin && git grep -i hijack
> <no output from git grep>

You are right. It seems I am mistaken about this and got confused with
another related aspect I was researching.

I was researching
https://github.com/ngauthier/tubesock/issues/10#issuecomment-72539461
and came to the conclusion that the bug doesn't occur in the same way
on Thin, and somehow I got confused later on to conclude that Thin
supports hijacking.

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-06-04  6:53       ` Hongli Lai
@ 2015-06-04 12:38         ` Marc-André Cournoyer
  2015-06-28 20:46           ` James Tucker
  0 siblings, 1 reply; 7+ messages in thread
From: Marc-André Cournoyer @ 2015-06-04 12:38 UTC (permalink / raw)
  To: Hongli Lai; +Cc: Eric Wong, rack-devel

[-- Attachment #1: Type: text/plain, Size: 1130 bytes --]

Indeed, no support for hijacking planned in Thin atm.

On Thu, Jun 4, 2015 at 2:53 AM, Hongli Lai <honglilai@gmail.com> wrote:

> On Thu, Jun 4, 2015 at 4:11 AM, Eric Wong <e@80x24.org> wrote:
> > Where does thin do this?  I can see puma doing it, but it doesn't look
> > like thin supports hijack at all.
> >
> > git clone git://github.com/macournoyer/thin && cd thin && git grep -i
> hijack
> > <no output from git grep>
>
> You are right. It seems I am mistaken about this and got confused with
> another related aspect I was researching.
>
> I was researching
> https://github.com/ngauthier/tubesock/issues/10#issuecomment-72539461
> and came to the conclusion that the bug doesn't occur in the same way
> on Thin, and somehow I got confused later on to conclude that Thin
> supports hijacking.
>



-- 
M-A
http://macournoyer.com

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[-- Attachment #2: Type: text/html, Size: 2044 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Close body object after socket hijacking or not?
  2015-06-04 12:38         ` Marc-André Cournoyer
@ 2015-06-28 20:46           ` James Tucker
  0 siblings, 0 replies; 7+ messages in thread
From: James Tucker @ 2015-06-28 20:46 UTC (permalink / raw)
  To: rack-devel, Hongli Lai; +Cc: Eric Wong

[-- Attachment #1: Type: text/plain, Size: 2406 bytes --]

Rack::Lock is a hack. Users wanting to operate with hijack should really
not be doing this under Rack::Lock.

Rack::Lock adds "server" (-like) semantics in the middle of the middleware
stack, and can break conventions required between the app and the server
for things like hijack.

Regarding the calling of close, yes, this should be done. Rack::Lock is the
most "visible" requirement to do this, but servers that support all of
HTTP/1.1 (i.e. pipelining) will require this. It should be noted that some
popular articles missed that this is what rack.hijack? is about, among
other things.

Sorry I missed this thread for so long, but I've been doing other things.
Implementors with questions should feel free to cc me directly if I'm not
picking up on stuff, I'll help where I can.

On Thu, Jun 4, 2015 at 5:38 AM Marc-André Cournoyer <macournoyer@gmail.com>
wrote:

> Indeed, no support for hijacking planned in Thin atm.
>
> On Thu, Jun 4, 2015 at 2:53 AM, Hongli Lai <honglilai@gmail.com> wrote:
>
>> On Thu, Jun 4, 2015 at 4:11 AM, Eric Wong <e@80x24.org> wrote:
>> > Where does thin do this?  I can see puma doing it, but it doesn't look
>> > like thin supports hijack at all.
>> >
>> > git clone git://github.com/macournoyer/thin && cd thin && git grep -i
>> hijack
>> > <no output from git grep>
>>
>> You are right. It seems I am mistaken about this and got confused with
>> another related aspect I was researching.
>>
>> I was researching
>> https://github.com/ngauthier/tubesock/issues/10#issuecomment-72539461
>> and came to the conclusion that the bug doesn't occur in the same way
>> on Thin, and somehow I got confused later on to conclude that Thin
>> supports hijacking.
>>
>
>
>
> --
> M-A
> http://macournoyer.com
>
>  --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "Rack Development" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rack-devel+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 

--- 
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[-- Attachment #2: Type: text/html, Size: 3794 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2015-06-28 20:46 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-02-02 21:26 Close body object after socket hijacking or not? Hongli Lai
2015-04-17 20:43 ` Eric Wong
2015-05-29 14:09   ` Hongli Lai
2015-06-04  2:11     ` Eric Wong
2015-06-04  6:53       ` Hongli Lai
2015-06-04 12:38         ` Marc-André Cournoyer
2015-06-28 20:46           ` James Tucker

Code repositories for project(s) associated with this inbox:

	https://80x24.org/mirrors/rack.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).