Date: Mon, 18 May 1998 09:12:15 -0700 (PDT) From: Bill Paul <wpaul@FreeBSD.ORG> To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-lib@FreeBSD.ORG Subject: cvs commit: src/lib/libc/rpc svc_tcp.c svc_unix.c Message-ID: <199805181612.JAA18725@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
wpaul 1998/05/18 09:12:14 PDT
Modified files:
lib/libc/rpc svc_tcp.c svc_unix.c
Log:
Improve DoS avoidance in RPC stream oriented transports. The TCP transport
uses readtcp() to gather data from the network; readtcp() uses select(),
with a timeout of 35 seconds. The problem with this is that if you
connect to a TCP server, send two bytes of data, then just pause, the
server will remain blocked in readtcp() for up to 35 seconds, which is
sort of a long time. If you keep doing this every 35 seconds, you can
keep the server occupied indefinitely.
To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c)
to monitor all service transport handles instead of just the current socket.
This allows the server to keep handling new connections that arrive while
readtcp() is running. This prevents one client from potentially monopolizing
a server.
Also, while I was here, I fixed a bug in the timeout calculations. Someone
attempted to adjust the timeout so that if select() returned EINTR and the
loop was restarted, the timeout would be reduced so that rather than waiting
for another 35 seconds, you could never wait for more than 35 seconds total.
Unfortunately, the calculation was wrong, and the timeout could expire much
sooner than 35 seconds.
Revision Changes Path
1.13 +35 -17 src/lib/libc/rpc/svc_tcp.c
1.4 +35 -17 src/lib/libc/rpc/svc_unix.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805181612.JAA18725>