From unknown Sat Jun 14 14:14:34 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#20145 <20145@debbugs.gnu.org>
To: bug#20145 <20145@debbugs.gnu.org>
Subject: Status: (guix build download) leaks file descriptor on TLS
 connections
Reply-To: bug#20145 <20145@debbugs.gnu.org>
Date: Sat, 14 Jun 2025 21:14:34 +0000

retitle 20145 (guix build download) leaks file descriptor on TLS connections
reassign 20145 guix
submitter 20145 ludo@gnu.org (Ludovic Court=C3=A8s)
severity 20145 normal

thanks


From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 19 14:16:35 2015
Received: (at submit) by debbugs.gnu.org; 19 Mar 2015 18:16:35 +0000
Received: from localhost ([127.0.0.1]:53306 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1YYezi-0007zq-Ud
	for submit@debbugs.gnu.org; Thu, 19 Mar 2015 14:16:35 -0400
Received: from eggs.gnu.org ([208.118.235.92]:33076)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ludo@gnu.org>) id 1YYezh-0007zi-A8
 for submit@debbugs.gnu.org; Thu, 19 Mar 2015 14:16:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1YYezf-00081Y-VJ
 for submit@debbugs.gnu.org; Thu, 19 Mar 2015 14:16:33 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:42395)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1YYezf-00081U-S4
 for submit@debbugs.gnu.org; Thu, 19 Mar 2015 14:16:31 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34795)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1YYezf-0005tB-34
 for bug-guix@gnu.org; Thu, 19 Mar 2015 14:16:31 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1YYezb-00080p-Bs
 for bug-guix@gnu.org; Thu, 19 Mar 2015 14:16:31 -0400
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:39028)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1YYezb-00080l-8R
 for bug-guix@gnu.org; Thu, 19 Mar 2015 14:16:27 -0400
Received: from reverse-83.fdn.fr ([80.67.176.83]:39977 helo=pluto)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ludo@gnu.org>) id 1YYeza-0000dQ-OW
 for bug-guix@gnu.org; Thu, 19 Mar 2015 14:16:27 -0400
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
To: bug-guix@gnu.org
Subject: (guix build download) leaks file descriptor on TLS connections
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 29 =?utf-8?Q?Vent=C3=B4se?= an 223 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0xEA52ECF4
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 83C4 F8E5 10A3 3B4C 5BEA  D15D 77DD 95E2 EA52 ECF4
X-OS: x86_64-unknown-linux-gnu
Date: Thu, 19 Mar 2015 19:16:24 +0100
Message-ID: <87619w6efb.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

When opening an HTTPS connection, the file descriptor beneath the port
returned by =E2=80=98tls-wrap=E2=80=99 is leaked.

This is not a problem in most cases (downloads) because the process is
left as soon as the download is over.

This is more problematic for =E2=80=98guix lint=E2=80=99, which may open a =
large number
of HTTPS connections for the =E2=80=98source=E2=80=99 and =E2=80=98home-pag=
e=E2=80=99 checkers when
working on all the packages.

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 17 18:57:58 2016
Received: (at 20145-done) by debbugs.gnu.org; 17 Mar 2016 22:57:58 +0000
Received: from localhost ([127.0.0.1]:51531 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1aggre-0008EY-Cl
	for submit@debbugs.gnu.org; Thu, 17 Mar 2016 18:57:58 -0400
Received: from eggs.gnu.org ([208.118.235.92]:57983)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1aggrc-0008EM-Jo
 for 20145-done@debbugs.gnu.org; Thu, 17 Mar 2016 18:57:56 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1aggrU-0002CX-AT
 for 20145-done@debbugs.gnu.org; Thu, 17 Mar 2016 18:57:51 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:45176)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1aggrU-0002CT-8L
 for 20145-done@debbugs.gnu.org; Thu, 17 Mar 2016 18:57:48 -0400
Received: from reverse-83.fdn.fr ([80.67.176.83]:44490 helo=pluto)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <ludo@gnu.org>) id 1aggrT-0006OS-GK
 for 20145-done@debbugs.gnu.org; Thu, 17 Mar 2016 18:57:47 -0400
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
To: 20145-done@debbugs.gnu.org
Subject: Re: bug#20145: (guix build download) leaks file descriptor on TLS
 connections
References: <87619w6efb.fsf@gnu.org>
Date: Thu, 17 Mar 2016 23:57:45 +0100
In-Reply-To: <87619w6efb.fsf@gnu.org> ("Ludovic
 \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\=
 \=\?utf-8\?Q\?s\?\= message of "Thu, 19 Mar 2015 19:16:24 +0100")
Message-ID: <87oaac1zme.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 20145-done
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

ludo@gnu.org (Ludovic Court=C3=A8s) skribis:

> When opening an HTTPS connection, the file descriptor beneath the port
> returned by =E2=80=98tls-wrap=E2=80=99 is leaked.
>
> This is not a problem in most cases (downloads) because the process is
> left as soon as the download is over.
>
> This is more problematic for =E2=80=98guix lint=E2=80=99, which may open =
a large number
> of HTTPS connections for the =E2=80=98source=E2=80=99 and =E2=80=98home-p=
age=E2=80=99 checkers when
> working on all the packages.

This is essentially solved by commits
14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
097a951e96718a037dbfa6d579e2d26f7dab3e82.

One still needs to be careful, though, for instance because closing a
chunked encoding port (which is a custom binary input port wrapped
around the real socket port) still fails to close the raw socket port
that=E2=80=99s behind the TLS session record port.

Ludo=E2=80=99.




From unknown Sat Jun 14 14:14:34 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Fri, 15 Apr 2016 11:24:04 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator


From debbugs-submit-bounces@debbugs.gnu.org Thu Jan 02 18:05:43 2020
Received: (at request) by debbugs.gnu.org; 2 Jan 2020 23:05:44 +0000
Received: from localhost ([127.0.0.1]:40177 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1in9XD-0002XC-MW
	for submit@debbugs.gnu.org; Thu, 02 Jan 2020 18:05:43 -0500
Received: from eggs.gnu.org ([209.51.188.92]:48742)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1in9XB-0002Wv-Ax
 for request@debbugs.gnu.org; Thu, 02 Jan 2020 18:05:42 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:38160)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1in9X5-00068Y-T6
 for request@debbugs.gnu.org; Thu, 02 Jan 2020 18:05:36 -0500
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=51568 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>) id 1in9X4-0001OK-Cl
 for request@debbugs.gnu.org; Thu, 02 Jan 2020 18:05:35 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: request@debbugs.gnu.org
Subject: unarchive 20145
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 14 =?utf-8?Q?Niv=C3=B4se?= an 228 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Fri, 03 Jan 2020 00:05:28 +0100
Message-ID: <87y2upqx1j.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: request
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

unarchive 20145
reopen 20145
thanks




From unknown Sat Jun 14 14:14:34 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: Did not alter fixed versions and reopened.
Date: Thu, 02 Jan 2020 23:06:01 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# Did not alter fixed versions and reopened.
thanks
# This fakemail brought to you by your local debbugs
# administrator


From debbugs-submit-bounces@debbugs.gnu.org Thu Jan 02 18:08:10 2020
Received: (at control) by debbugs.gnu.org; 2 Jan 2020 23:08:10 +0000
Received: from localhost ([127.0.0.1]:40185 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1in9Za-0002c4-DS
	for submit@debbugs.gnu.org; Thu, 02 Jan 2020 18:08:10 -0500
Received: from eggs.gnu.org ([209.51.188.92]:59645)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1in9ZZ-0002bn-0t
 for control@debbugs.gnu.org; Thu, 02 Jan 2020 18:08:09 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:38186)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1in9ZT-0001sp-Ug
 for control@debbugs.gnu.org; Thu, 02 Jan 2020 18:08:03 -0500
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=51586 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>) id 1in9ZT-0001bD-E6
 for control@debbugs.gnu.org; Thu, 02 Jan 2020 18:08:03 -0500
Date: Fri, 03 Jan 2020 00:08:01 +0100
Message-Id: <87v9ptqwxa.fsf@gnu.org>
To: control@debbugs.gnu.org
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
Subject: control message for bug #20145
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

merge 20145 38836
quit





From debbugs-submit-bounces@debbugs.gnu.org Thu Jan 02 18:19:30 2020
Received: (at 20145) by debbugs.gnu.org; 2 Jan 2020 23:19:30 +0000
Received: from localhost ([127.0.0.1]:40194 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1in9kX-0004sp-Ol
	for submit@debbugs.gnu.org; Thu, 02 Jan 2020 18:19:29 -0500
Received: from eggs.gnu.org ([209.51.188.92]:57348)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1in9kW-0004sY-4P
 for 20145@debbugs.gnu.org; Thu, 02 Jan 2020 18:19:28 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:38366)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1in9kQ-0007Cm-O2; Thu, 02 Jan 2020 18:19:22 -0500
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=51794 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1in9kP-0002TV-Ae; Thu, 02 Jan 2020 18:19:21 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: 20145@debbugs.gnu.org
Subject: Re: bug#20145: (guix build download) leaks file descriptor on TLS
 connections
References: <87oaac1zme.fsf@gnu.org> <87619w6efb.fsf@gnu.org>
 <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
Date: Fri, 03 Jan 2020 00:19:19 +0100
In-Reply-To: <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
 (GNU bug Tracking System's message of "Thu, 17 Mar 2016 22:58:02
 +0000")
Message-ID: <87png1qweg.fsf_-_@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 20145
Cc: Ricardo Wurmus <rekado@elephly.net>,
 Valentin Ignatev <valentignatev@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Back in 2015, I closed <https://issues.guix.gnu.org/issue/20145> saying:

> ludo@gnu.org (Ludovic Court=C3=A8s) skribis:
>
>> When opening an HTTPS connection, the file descriptor beneath the port
>> returned by =E2=80=98tls-wrap=E2=80=99 is leaked.
>>
>> This is not a problem in most cases (downloads) because the process is
>> left as soon as the download is over.
>>
>> This is more problematic for =E2=80=98guix lint=E2=80=99, which may open=
 a large number
>> of HTTPS connections for the =E2=80=98source=E2=80=99 and =E2=80=98home-=
page=E2=80=99 checkers when
>> working on all the packages.
>
> This is essentially solved by commits
> 14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
> 097a951e96718a037dbfa6d579e2d26f7dab3e82.
>
> One still needs to be careful, though, for instance because closing a
> chunked encoding port (which is a custom binary input port wrapped
> around the real socket port) still fails to close the raw socket port
> that=E2=80=99s behind the TLS session record port.

Unfortunately, the bug just reported by Valentin and by Ricardo are
instances of this problem (at least I checked with crates.io and it
uses chunked encoding, leading to a file descriptor leak):

  https://issues.guix.gnu.org/issue/38857
  https://issues.guix.gnu.org/issue/38836

To be continued=E2=80=A6

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 03 07:25:28 2020
Received: (at 20145) by debbugs.gnu.org; 3 Jan 2020 12:25:28 +0000
Received: from localhost ([127.0.0.1]:40473 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1inM1A-00074O-E2
	for submit@debbugs.gnu.org; Fri, 03 Jan 2020 07:25:28 -0500
Received: from mail-il1-f193.google.com ([209.85.166.193]:46041)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <valentignatev@gmail.com>) id 1inM19-00074C-0J
 for 20145@debbugs.gnu.org; Fri, 03 Jan 2020 07:25:27 -0500
Received: by mail-il1-f193.google.com with SMTP id p8so36463973iln.12
 for <20145@debbugs.gnu.org>; Fri, 03 Jan 2020 04:25:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=Q7loeImi+ndM3VubteNy3BhoSR0vgAyVr51xCBEJ990=;
 b=L/XkQ2RV9Vs8L28NL8eOLe2gPpaMNa36lnsXCfhX0QN/BgrApvUyC9VgAa0Lmsw1vw
 z1Az635GBOE2Un1UwXtvS7bHkO6Fg9I14wZpJow8GjN8sMvaveE8t3veb+SYZdDU7y9N
 qx+KpYL9Mo1KDJdaNvlaA9zxBNkOJkkf8XSAfWBJWTYyScKWq9yHklfpYR44bN3ZBdXO
 QUBTD/9/41StEtE7OFaK65LXI9lA0XOne2gt2omFwSiEyKH8Ovcqo8OOI96cREEo9q1l
 RDZD4svVJCCOFWHYIS0ys0aNNc/qlqwXcEODCdUk4UdGSQJuZbMxihYDPTCYEPzOK63l
 wk+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=Q7loeImi+ndM3VubteNy3BhoSR0vgAyVr51xCBEJ990=;
 b=SlIXTsle41t6Cu4XrSeYuygnlVjRZnfWFAXnlpCNqMKH7ncV1lu/Cj8K/xkM/qjKjk
 2Us7kmmqW5nJCg2ceaObTcS87Zu+5Cwc3vZhl1IpHdxWedqza34ifQeg0/ixwhgE/YYZ
 HAN8ZBUW+/FNUQVVXvO0UCy6UmYtqrxGq7l8sD0KPbUqwQ4xFHF9yu+0ex8/lcE6s6zz
 J2hZ1dX2kclNl8Kh+EMK4vYz0+FC3ZtUdLsv8OI48joqJsw7IlkLIZiqE9M2zys28E+G
 WqvDIOiWjIdrgUOT1VNsEAdFZN5mAaq1KnnKlHawZCcrrU4jsc7udBfs2eNHcsiZvaZj
 df3Q==
X-Gm-Message-State: APjAAAWQFj207BVxewLIQjwjAzkhHmRvb6pY7KBGHmEMB1Gu5MNU6iLc
 Vi+4HbkXA7ukPkU7n1Ze6b2C/nD+S1Rr6bztIWA=
X-Google-Smtp-Source: APXvYqyL9FiU0giFI01p0mBPW0TNAZpj6l+Bl/qqcKf5A5lWVe8Ev43OnbsL5eYnHu9OyTSOKWuEBq1l6SkPNKC7iDE=
X-Received: by 2002:a92:d2:: with SMTP id 201mr77739514ila.22.1578054321401;
 Fri, 03 Jan 2020 04:25:21 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a92:4186:0:0:0:0:0 with HTTP;
 Fri, 3 Jan 2020 04:25:20 -0800 (PST)
In-Reply-To: <87png1qweg.fsf_-_@gnu.org>
References: <87oaac1zme.fsf@gnu.org> <87619w6efb.fsf@gnu.org>
 <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
 <87png1qweg.fsf_-_@gnu.org>
From: Valentin Ignatev <valentignatev@gmail.com>
Date: Fri, 3 Jan 2020 15:25:20 +0300
Message-ID: <CADXmXkjq+JbUsWcy1a+_Hq=n6fd_ZdJ6tYDZjf7z0w6502ScVw@mail.gmail.com>
Subject: Re: bug#20145: (guix build download) leaks file descriptor on TLS
 connections
To: =?UTF-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 20145
Cc: Ricardo Wurmus <rekado@elephly.net>, 20145@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hey Ludo, thanks for providing more info! I understand that the best
way is to fix the leak for good, but I wonder if there's some possible
quick workaround to mitigate the issue in case of a recursive import?
Like giving package definitions for packages that were followed before
exception happened so the person who packages something can go on from
that point, or something like that.

Valentin.




From debbugs-submit-bounces@debbugs.gnu.org Fri Jan 03 10:12:21 2020
Received: (at 20145-done) by debbugs.gnu.org; 3 Jan 2020 15:12:21 +0000
Received: from localhost ([127.0.0.1]:41266 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1inOcf-0004gm-JM
	for submit@debbugs.gnu.org; Fri, 03 Jan 2020 10:12:21 -0500
Received: from eggs.gnu.org ([209.51.188.92]:51972)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1inOce-0004ga-Bz
 for 20145-done@debbugs.gnu.org; Fri, 03 Jan 2020 10:12:20 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:60442)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1inOcZ-0008Dj-39; Fri, 03 Jan 2020 10:12:15 -0500
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=57538 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1inOcY-0004cr-0q; Fri, 03 Jan 2020 10:12:14 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: 20145-done@debbugs.gnu.org
Subject: Re: bug#20145: (guix build download) leaks file descriptor on TLS
 connections
References: <87oaac1zme.fsf@gnu.org> <87619w6efb.fsf@gnu.org>
 <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
 <87png1qweg.fsf_-_@gnu.org>
Date: Fri, 03 Jan 2020 16:12:11 +0100
In-Reply-To: <87png1qweg.fsf_-_@gnu.org> ("Ludovic
 \=\?utf-8\?Q\?Court\=C3\=A8s\?\=
 \=\?utf-8\?Q\?\=22's\?\= message of "Fri,
 03 Jan 2020 00:19:19 +0100")
Message-ID: <87png0poac.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 20145-done
Cc: Ricardo Wurmus <rekado@elephly.net>,
 Valentin Ignatev <valentignatev@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hello again!

Ludovic Court=C3=A8s <ludo@gnu.org> skribis:

> Back in 2015, I closed <https://issues.guix.gnu.org/issue/20145> saying:
>
>> ludo@gnu.org (Ludovic Court=C3=A8s) skribis:
>>
>>> When opening an HTTPS connection, the file descriptor beneath the port
>>> returned by =E2=80=98tls-wrap=E2=80=99 is leaked.
>>>
>>> This is not a problem in most cases (downloads) because the process is
>>> left as soon as the download is over.
>>>
>>> This is more problematic for =E2=80=98guix lint=E2=80=99, which may ope=
n a large number
>>> of HTTPS connections for the =E2=80=98source=E2=80=99 and =E2=80=98home=
-page=E2=80=99 checkers when
>>> working on all the packages.
>>
>> This is essentially solved by commits
>> 14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
>> 097a951e96718a037dbfa6d579e2d26f7dab3e82.
>>
>> One still needs to be careful, though, for instance because closing a
>> chunked encoding port (which is a custom binary input port wrapped
>> around the real socket port) still fails to close the raw socket port
>> that=E2=80=99s behind the TLS session record port.
>
> Unfortunately, the bug just reported by Valentin and by Ricardo are
> instances of this problem (at least I checked with crates.io and it
> uses chunked encoding, leading to a file descriptor leak):
>
>   https://issues.guix.gnu.org/issue/38857
>   https://issues.guix.gnu.org/issue/38836

Commit f4cde9ac4aedb516c050a30fd999673da434bfa0 fixes it for good it
seems!  (You can monitor /proc/PID/fd while =E2=80=98guix refresh=E2=80=99 =
or =E2=80=98guix
import crate -r=E2=80=99 is running.  :-))

There was also a CRAN-specific FD leak fixed in
af0aefd8c10701fa32341506e36297e5105f6143.

Let me know is anything is amiss!

Ludo=E2=80=99.




From unknown Sat Jun 14 14:14:34 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Sat, 01 Feb 2020 12:24:05 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator