From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 16:30:26 2021 Received: (at 47157) by debbugs.gnu.org; 15 Mar 2021 20:30:27 +0000 Received: from localhost ([127.0.0.1]:37302 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLtr8-0000Cb-KR for submit@debbugs.gnu.org; Mon, 15 Mar 2021 16:30:26 -0400 Received: from eggs.gnu.org ([209.51.188.92]:33666) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLtr6-0000CP-Jz for 47157@debbugs.gnu.org; Mon, 15 Mar 2021 16:30:25 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:51567) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lLtr1-0006Go-9b; Mon, 15 Mar 2021 16:30:19 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=46664 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1lLtqy-00017f-Lw; Mon, 15 Mar 2021 16:30:18 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Christopher Baines Subject: Re: bug#47157: =?utf-8?Q?=E2=80=9CBad?= Read-Header-Line header: =?utf-8?Q?#=3Ceof=3E=E2=80=9D?= while substituting References: <87eeggh4rh.fsf@inria.fr> <871rcgfiz9.fsf@cbaines.net> Date: Mon, 15 Mar 2021 21:30:15 +0100 In-Reply-To: <871rcgfiz9.fsf@cbaines.net> (Christopher Baines's message of "Mon, 15 Mar 2021 17:02:34 +0000") Message-ID: <87a6r4cg88.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47157 Cc: 47157@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Christopher Baines skribis: >> I think 7b812f7c84c43455cdd68a0e51b6ded018afcc8e and subsequent commits >> may have caused this regression. In particular, in >> 20c08a8a45d0f137ead7c05e720456b2aea44402, >> =E2=80=98call-with-connection-error-handling=E2=80=99 is now used, but t= hat one doesn=E2=80=99t >> catch the exceptions mentioned above, in this case =E2=80=98bad-header= =E2=80=99. > > I think the behaviour changed unintentionally with [1], however, > thinking about the connection reuse in process-substitution compared > with http-multiple-get, there's no attempt here to look at if the server > has specified whether the connection should be closed. > > 1: https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3Df50f5751fff4cf= c6d5abba9681054569694b7a5c > > Just like http-multiple-get, it's probably worth trying to check the > headers of the response, look at whether the server has indicated that > the connection should be closed, and if so, close the connection, > forcing a new one to be established for future requests. I think that=E2=80=99s not enough because we can=E2=80=99t rely on the serv= er=E2=80=99s state intent here. For example, you have a keep-alive connection that you keep in cache. Minutes later, you come back and send a request over that port. If the server dropped the connection in the meantime, that can manifest in any of the ways we=E2=80=99ve seen: 'bad-response when attempting to read the response, some 'gnutls-error, 'system-error and EPIPE, etc. There=E2=80=99= s no way to determine in advance whether the socket is fine. That=E2=80=99s why the initial approach was to wrap all the call sites were= the socket was known to be possibly =E2=80=9Ctainted=E2=80=9D in =E2=80=98with-= cached-connection=E2=80=99. > I've now actually got around to testing this, I'm no expert at running > the substitute script manually without the guix-daemon, but I gave it a > go, using a local NGinx instance which just allowed two requests per > connection. I believe in this case =E2=80=98port-closed?=E2=80=99 returns true because = the socket/TLS record port got closed right at the end of the response, so it=E2=80=99s the =E2=80=9Ceasy=E2=80=9D case; I don=E2=80=99t think it capt= ures the situation I described above where an error comes up later while trying to write to/read from the port. Ludo=E2=80=99.