fix enforcement of tcp-clients (v1)
tcp-clients settings could be exceeded in some cases by creating more and more active TCP clients that are over the set quota limit, which in the end could lead to a DoS attack by e.g. exhaustion of file descriptors. If TCP client we're closing went over the quota (so it's not attached to a quota) mark it as mortal - so that it will be destroyed and not set up to listen for new connections - unless it's the last client for a specific interface. (cherry picked from commit eafcff07c25bdbe038ae1e4b6660602a080b9395)
This commit is contained in:
Witold Kręcicki
committed by
Evan Hunt
Evan Hunt
parent
94ba15ea38
commit
9e7617cc84
@@ -441,8 +441,19 @@ exit_check(ns_client_t *client) {
|
||||
isc_socket_detach(&client->tcpsocket);
|
||||
}
|
||||
|
||||
if (client->tcpquota != NULL)
|
||||
if (client->tcpquota != NULL) {
|
||||
isc_quota_detach(&client->tcpquota);
|
||||
} else {
|
||||
/*
|
||||
* We went over quota with this client, we don't
|
||||
* want to restart listening unless this is the
|
||||
* last client on this interface, which is
|
||||
* checked later.
|
||||
*/
|
||||
if (TCP_CLIENT(client)) {
|
||||
client->mortal = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (client->timerset) {
|
||||
(void)isc_timer_reset(client->timer,
|
||||
|
||||
Reference in New Issue
Block a user