K 10
svn:author
V 8
rmacklem
K 8
svn:date
V 27
2020-06-30T14:49:51.754461Z
K 7
svn:log
V 873
Testing when a server does not respond to TLS handshake records exposed
a couple of problems, since the daemon would be in SSL_connect() for 6 minutes.

- When the upcall timed out and was retried, the RPCTLS_SYSC_CLSOCKET syscall
  was broken and did not return an error upon a retry. It allocated a file
  descriptor for a NULL socket.
- The socket structure in the kernel could be free'd while the daemon was
  still using it in SSL_connect().
- Adjust the timeout a retry count so that upcalls are only attempted once
  with a 10minute timeout.

This patch fixes these problems by changing the following:
- If the handshake is in progress, don't soclose(so) in the kernel
  clnt_vc_destroy().
- Fix the RPCTLS_SYSC_CLSOCKET (and RPCTLS_SYSC_SRVSOCKET) to correctly
  return an error if the socket is NULL (which means it already has a
  file decriptor assigned to it).

END