On 2018/04/04 18:42, trondd wrote: > On Wed, April 4, 2018 10:02 am, trondd wrote: > > Bringing this back up from the depths. I kept rolling back to older > httpd > > code and forgetting about this :( > > I still see this issue in 6.3 A new packet cap look the same. > > Ok, I was able to do some more digging into this. httpd does not close > the socket after the range request completes. > > fstat will show the socket remaining open. A linux client will show the > socket in FIN_WAIT2 with netstat.
One of the mirror admins has been having trouble with a leak connected with range requests in httpd for ages. He mostly doesn't suffer too much now that he's using letsencrypt for which he's doing a full restart of httpd to load new certs... TBH I'd probably just disable range processing like done in https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/017_httpd.patch.sig for now, neither memory exhaustion nor FD leak are particularly appealing.
