Fixed TCP_DEFER_ACCEPT handling (ticket #353).

Backed out 05a56ebb084a, as it turns out that kernel can return connections
without any delay if syncookies are used.  This basically means we can't
assume anything about connections returned with deferred accept set.

To solve original problem the 05a56ebb084a tried to solve, i.e. to don't
wait longer than needed if a connection was accepted after deferred accept
timeout, this patch changes a timeout set with setsockopt(TCP_DEFER_ACCEPT)
to 1 second, unconditionally.  This is believed to be enough for speed
improvements, and doesn't imply major changes to timeouts used.

Note that before 2.6.32 connections were dropped after a timeout.  Though
it is believed that 1s is still appropriate for kernels before 2.6.32,
as previously tcp_synack_retries controlled the actual timeout and 1s results
in more than 1 minute actual timeout by default.

diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
index 7ed781e0add493e19b32fbe0bbc07e250f7f90f8..986bf0d02083777407a038e432e72b88ff5f3d27 100644 (file)
--- a/src/core/ngx_connection.c
+++ b/src/core/ngx_connection.c
@@ -647,7 +647,13 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
         if (ls[i].add_deferred || ls[i].delete_deferred) {
 
             if (ls[i].add_deferred) {
-                timeout = (int) (ls[i].post_accept_timeout / 1000);
+                /*
+                 * There is no way to find out how long a connection was
+                 * in queue (and a connection may bypass deferred queue at all
+                 * if syncookies were used), hence we use 1 second timeout
+                 * here.
+                 */
+                timeout = 1;
 
             } else {
                 timeout = 0;

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index c8c5d153f3798dfefaf510a321d0192ff97e4dec..1be2d463f6cc4afb3585cd3e9df3ddd60c18958b 100644 (file)
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -423,20 +423,6 @@ ngx_http_wait_request_handler(ngx_event_t *rev)
 
     if (n == NGX_AGAIN) {
 
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
-        if (c->listening->deferred_accept
-#if (NGX_HTTP_SSL)
-            && c->ssl == NULL
-#endif
-            )
-        {
-            ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
-                          "client timed out in deferred accept");
-            ngx_http_close_connection(c);
-            return;
-        }
-#endif
-
         if (!rev->timer_set) {
             ngx_add_timer(rev, c->listening->post_accept_timeout);
             ngx_reusable_connection(c, 1);
@@ -635,15 +621,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
     if (n == -1) {
         if (err == NGX_EAGAIN) {
 
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
-            if (c->listening->deferred_accept) {
-                ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
-                              "client timed out in deferred accept");
-                ngx_http_close_connection(c);
-                return;
-            }
-#endif
-
             if (!rev->timer_set) {
                 ngx_add_timer(rev, c->listening->post_accept_timeout);
                 ngx_reusable_connection(c, 1);