Howdy,

In Ruby 1.8.4, in drb/ssl.rb soc.close is invoked if an acl test
fails, but it isn't invoked if an SSLError is rescued.  As such, if I
start up an SSL enabled DRb server and make a bunch of invalid
(e.g. non-ssl) connections, the server keeps a filedescriptor open for
each of the failed connections.  If I add soc.close into the rescue
portion, the filedescriptors get closed right away.

Garbage collection is sufficient to close the filedescriptors, so I
know they're not leaking, per-se.  However, since the code explicitly
invokes close when the acl test fails, I suggest that the same be done
upon receipt of SSLError.  It seems to me that solely relying on
garbage collection could result in running out of filedescriptors if
someone repeatedly trys to improperly connect.

I don't normally read ruby-core, but I've subscribed so I can make
this post.  I'll stay subscribed for a week or so.  In the unlikely
event that someone has a question for me about this more than a week
from now, please send me email.

-- 
Cliff Matthews <ctm / ardi.com>