Add idle socket cleanup for proxy connections

Implement a mechanism to reclaim proxy sockets that have been idle for a specified timeout period. Introduced `fr_packet_list_socket_find_stale` to identify stale sockets and integrated it into the main event loop for periodic cleanup. This enhances resource management by ensuring unused sockets are removed efficiently.

Author: cecilwei76

src/include/packet.h

@@ -61,6 +61,7 @@ bool fr_packet_list_socket_add(fr_packet_list_t *pl, int sockfd, int proto,
 			       fr_ipaddr_t *dst_ipaddr, uint16_t dst_port,
 			       void *ctx);
 bool fr_packet_list_socket_del(fr_packet_list_t *pl, int sockfd);
+int fr_packet_list_socket_find_stale(fr_packet_list_t *pl, int idle_timeout, void **ctx);
 bool fr_packet_list_socket_freeze(fr_packet_list_t *pl, int sockfd);
 bool fr_packet_list_socket_thaw(fr_packet_list_t *pl, int sockfd);
 int fr_packet_list_walk(fr_packet_list_t *pl, void *ctx, rb_walker_t callback);

src/lib/packet.c

@@ -277,6 +277,7 @@ typedef struct fr_packet_socket_t {
 	uint32_t	counter;
 #endif
 
+	time_t		last_idle;
 	uint8_t		id[32];
 } fr_packet_socket_t;
 
@@ -375,6 +376,35 @@ bool fr_packet_list_socket_del(fr_packet_list_t *pl, int sockfd)
 }
 
 
+/*
+ *	Find a destination-specific socket with no outstanding requests
+ *	that has been idle for at least idle_timeout seconds.
+ *	Returns the sockfd, or -1 if none found.  Skips wildcard sockets
+ *	(the default proxy socket) so they are never reclaimed.
+ */
+int fr_packet_list_socket_find_stale(fr_packet_list_t *pl, int idle_timeout, void **ctx)
+{
+	int i;
+	time_t now = time(NULL);
+
+	if (!pl) return -1;
+
+	for (i = 0; i < MAX_SOCKETS; i++) {
+		if (pl->sockets[i].sockfd == -1) continue;
+		if (pl->sockets[i].num_outgoing != 0) continue;
+		if (pl->sockets[i].dont_use) continue;
+		if (pl->sockets[i].dst_any && (pl->sockets[i].dst_port == 0)) continue;
+		if (pl->sockets[i].last_idle == 0) continue;
+		if ((now - pl->sockets[i].last_idle) < idle_timeout) continue;
+
+		if (ctx) *ctx = pl->sockets[i].ctx;
+		return pl->sockets[i].sockfd;
+	}
+
+	return -1;
+}
+
+
 bool fr_packet_list_socket_add(fr_packet_list_t *pl, int sockfd, int proto,
 #ifdef WITH_RADIUSV11
 			       bool radiusv11,
@@ -945,6 +975,10 @@ bool fr_packet_list_id_free(fr_packet_list_t *pl,
 	ps->num_outgoing--;
 	pl->num_outgoing--;
 
+	if (ps->num_outgoing == 0) {
+		ps->last_idle = time(NULL);
+	}
+
 	request->id = -1;
 	request->src_ipaddr.af = AF_UNSPEC; /* id_alloc checks this */
 	request->src_port = 0;

src/main/process.c

@@ -3920,6 +3920,17 @@ static int request_proxy_anew(REQUEST *request)
 	/*
 	 *	Find a live home server for the request.
 	 */
+	if (request->home_pool == NULL) {
+		REDEBUG2("Failed to find live home server for request");
+		if (setup_post_proxy_fail(request)) {
+			ASSERT_MASTER;
+			request_queue_or_run(request, proxy_running); /* network thread - timer */
+		} else {
+			gettimeofday(&request->reply->timestamp, NULL);
+			request_cleanup_delay_init(request);
+		}
+		return 0;
+	}
 	home = home_server_ldb(NULL, request->home_pool, request);
 	if (!home) {
 		REDEBUG2("Failed to find live home server for request");
@@ -6012,9 +6023,8 @@ static void event_new_fd(void *ctx)
 			fr_packet_list_walk(proxy_list, this, eol_proxy_listener);
 
 			if (!fr_packet_list_socket_del(proxy_list, this->fd)) {
-				ERROR("Fatal error removing socket %s: %s",
-				      buffer, fr_strerror());
-				fr_exit(1);
+				WARN("Proxy socket %s already removed from packet list",
+				     buffer);
 			}
 
 #ifdef WITH_TLS
@@ -6360,6 +6370,53 @@ static void create_default_proxy_listener(int af)
 	radius_update_listener(this);
 }
 
+#define PROXY_IDLE_TIMEOUT 5
+
+static fr_event_t *proxy_idle_ev = NULL;
+
+/*
+ *	Periodic timer to reclaim proxy sockets that have been idle
+ *	(num_outgoing == 0) for longer than PROXY_IDLE_TIMEOUT seconds.
+ *	Runs in the main event loop thread.
+ */`
+static void proxy_idle_socket_cleanup(UNUSED void *ctx)
+{
+	struct timeval when;
+	void *stale_ctx;
+	int stale_fd;
+
+	ASSERT_MASTER;
+
+	PTHREAD_MUTEX_LOCK(&proxy_mutex);
+
+	while ((stale_fd = fr_packet_list_socket_find_stale(proxy_list, PROXY_IDLE_TIMEOUT, &stale_ctx)) >= 0) {
+		rad_listen_t *stale = stale_ctx;
+
+		fr_packet_list_socket_del(proxy_list, stale_fd);
+		stale->status = RAD_LISTEN_STATUS_REMOVE_NOW;
+
+#ifdef HAVE_PTHREAD_H
+		proxy_no_new_sockets = false;
+#endif
+		PTHREAD_MUTEX_UNLOCK(&proxy_mutex);
+
+		event_new_fd(stale);
+
+		PTHREAD_MUTEX_LOCK(&proxy_mutex);
+	}
+
+	PTHREAD_MUTEX_UNLOCK(&proxy_mutex);
+
+	gettimeofday(&when, NULL);
+	when.tv_sec += PROXY_IDLE_TIMEOUT;
+
+	ASSERT_MASTER;
+	if (!fr_event_insert(el, proxy_idle_socket_cleanup, NULL, &when,
+			     &proxy_idle_ev)) {
+		ERROR("Failed re-inserting proxy idle cleanup timer");
+	}
+}
+
 /*
  *	See if we automatically need to open a proxy socket.
  */
@@ -6557,6 +6614,18 @@ int radius_event_start(CONF_SECTION *cs, bool have_children)
 
 #ifdef WITH_PROXY
 	check_proxy(head);
+
+	if (main_config.proxy_requests && proxy_list) {
+		struct timeval when;
+
+		gettimeofday(&when, NULL);
+		when.tv_sec += PROXY_IDLE_TIMEOUT;
+
+		if (!fr_event_insert(el, proxy_idle_socket_cleanup, NULL,
+				     &when, &proxy_idle_ev)) {
+			ERROR("Failed inserting proxy idle cleanup timer");
+		}
+	}
 #endif
 
 	/*