From owner-cvs-lib  Mon May 18 09:17:11 1998
Return-Path: <owner-cvs-lib>
Received: (from daemon@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA05541
          for cvs-lib-outgoing; Mon, 18 May 1998 09:17:11 -0700 (PDT)
          (envelope-from owner-cvs-lib)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA05448;
          Mon, 18 May 1998 09:16:31 -0700 (PDT)
          (envelope-from wpaul@FreeBSD.org)
From: Bill Paul <wpaul@FreeBSD.ORG>
Received: (from wpaul@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id JAA18725;
	Mon, 18 May 1998 09:12:15 -0700 (PDT)
Date: Mon, 18 May 1998 09:12:15 -0700 (PDT)
Message-Id: <199805181612.JAA18725@freefall.freebsd.org>
To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-lib@FreeBSD.ORG
Subject: cvs commit: src/lib/libc/rpc svc_tcp.c svc_unix.c
Sender: owner-cvs-lib@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

wpaul       1998/05/18 09:12:14 PDT

  Modified files:
    lib/libc/rpc         svc_tcp.c svc_unix.c 
  Log:
  Improve DoS avoidance in RPC stream oriented transports. The TCP transport
  uses readtcp() to gather data from the network; readtcp() uses select(),
  with a timeout of 35 seconds. The problem with this is that if you
  connect to a TCP server, send two bytes of data, then just pause, the
  server will remain blocked in readtcp() for up to 35 seconds, which is
  sort of a long time. If you keep doing this every 35 seconds, you can
  keep the server occupied indefinitely.
  
  To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c)
  to monitor all service transport handles instead of just the current socket.
  This allows the server to keep handling new connections that arrive while
  readtcp() is running. This prevents one client from potentially monopolizing
  a server.
  
  Also, while I was here, I fixed a bug in the timeout calculations. Someone
  attempted to adjust the timeout so that if select() returned EINTR and the
  loop was restarted, the timeout would be reduced so that rather than waiting
  for another 35 seconds, you could never wait for more than 35 seconds total.
  Unfortunately, the calculation was wrong, and the timeout could expire much
  sooner than 35 seconds.
  
  Revision  Changes    Path
  1.13      +35 -17    src/lib/libc/rpc/svc_tcp.c
  1.4       +35 -17    src/lib/libc/rpc/svc_unix.c