Bump the maximum TCP timeout to 65535 [RT #44710 ]

2017-10-25 14:15:04 +04:00
2 changed files with 12 additions and 10 deletions
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -160,6 +160,8 @@
 #define DIR_PERM_OK W_OK|X_OK
 #endif

+#define MAX_TCP_TIMEOUT 65535
+
 /*%
 * Check an operation for failure.  Assumes that the function
 * using it has a 'result' variable and a 'cleanup' label.
@@ -7886,11 +7888,11 @@ load_configuration(const char *filename, named_server_t *server,
 	result = named_config_get(maps, "tcp-keepalive-timeout", &obj);
 	INSIST(result == ISC_R_SUCCESS);
 	keepalive = cfg_obj_asuint32(obj);
-	if (keepalive > 1200) {
+	if (keepalive > MAX_TCP_TIMEOUT) {
 		cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
 			    "tcp-keepalive-timeout value is out of range: "
-			    "lowering to 1200");
-		keepalive = 1200;
+			    "lowering to %u", MAX_TCP_TIMEOUT);
+		keepalive = MAX_TCP_TIMEOUT;
 	} else if (keepalive < 1) {
 		cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
 			    "tcp-keepalive-timeout value is out of range: "
@@ -7902,11 +7904,11 @@ load_configuration(const char *filename, named_server_t *server,
 	result = named_config_get(maps, "tcp-advertised-timeout", &obj);
 	INSIST(result == ISC_R_SUCCESS);
 	advertised = cfg_obj_asuint32(obj);
-	if (advertised > 1200) {
+	if (advertised > MAX_TCP_TIMEOUT) {
 		cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
 			    "tcp-advertized-timeout value is out of range: "
-			    "lowering to 1200");
-		advertised = 1200;
+			    "lowering to %u", MAX_TCP_TIMEOUT);
+		advertised = MAX_TCP_TIMEOUT;
 	}

 	ns_server_settimeouts(named_g_server->sctx,
@@ -14700,7 +14702,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t **text) {
 		if (ptr == NULL)
 			return (ISC_R_UNEXPECTEDEND);
 		CHECK(isc_parse_uint32(&keepalive, ptr, 10));
-		if (keepalive > 1200)
+		if (keepalive > MAX_TCP_TIMEOUT)
 			CHECK(ISC_R_RANGE);
 		if (keepalive < 1)
 			CHECK(ISC_R_RANGE);
@@ -14709,7 +14711,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t **text) {
 		if (ptr == NULL)
 			return (ISC_R_UNEXPECTEDEND);
 		CHECK(isc_parse_uint32(&advertised, ptr, 10));
-		if (advertised > 1200)
+		if (advertised > MAX_TCP_TIMEOUT)
 			CHECK(ISC_R_RANGE);

 		result = isc_task_beginexclusive(named_g_server->task);
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -8830,7 +8830,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
 		  server waits on an idle TCP connection before closing
 		  it when the client is using the EDNS TCP keepalive
 		  option.  The default is 300 (30 seconds), the maximum
-		  is 1200 (two minutes), and the minimum is 1 (one tenth
+		  is 65535 (about 1.8 hours), and the minimum is 1 (one tenth
 		  of a second). Values above the maximum or below the minimum
 		  will be adjusted with a logged warning.
 		  This value may be greater than
@@ -8852,7 +8852,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
 		  keepalive option. This informs a client of the
 		  amount of time it may keep the session open.
 		  The default is 300 (30 seconds), the maximum is
-		  1200 (two minutes), and the minimum is 0, which
+		  65535 (about 1.8 hours), and the minimum is 0, which
 		  signals that the clients must close TCP connections
 		  immediately.  Ordinarily this should be set to the
 		  same value as <command>tcp-keepalive-timeout</command>.