Cluster Project branch, STABLE2, updated. cluster-2.02.00-19-g8434902

ccaulfield@sourceware.org ccaulfield@sourceware.org
Wed Mar 19 10:09:00 GMT 2008 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Cluster Project".

http://sources.redhat.com/git/gitweb.cgi?p=cluster.git;a=commitdiff;h=84349029e264e982d6b962ee81b13a9f13419115

The branch, STABLE2 has been updated
       via  84349029e264e982d6b962ee81b13a9f13419115 (commit)
      from  ae3311d1de243236751a1d8b1970ee413e24d305 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 84349029e264e982d6b962ee81b13a9f13419115
Author: Christine Caulfield <ccaulfie@redhat.com>
Date:   Wed Mar 19 10:08:51 2008 +0000

    [CMAN] Limit outstanding replies
    
    This commit imposes a limit on the number of outstanding replies
    that a connection can have. This is to prevent a DoS attack that
    causes cman to eat all available memory by sending lots of requests
    and not reading the replies.
    
    The deafult is 128, it can be set in cluster.conf as
    <cman max_queued="1000"/>
    
    Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>

-----------------------------------------------------------------------

Summary of changes:
 cman/daemon/cmanccs.c        |   11 ++++++++++-
 cman/daemon/cnxman-private.h |    1 +
 cman/daemon/daemon.c         |   20 +++++++++++++++++---
 cman/daemon/daemon.h         |    3 ++-
 4 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/cman/daemon/cmanccs.c b/cman/daemon/cmanccs.c
index b7b9748..a901df2 100644
--- a/cman/daemon/cmanccs.c
+++ b/cman/daemon/cmanccs.c
@@ -1,7 +1,7 @@
 /******************************************************************************
 *******************************************************************************
 **
-**  Copyright (C) 2005-2007 Red Hat, Inc.  All rights reserved.
+**  Copyright (C) 2005-2008 Red Hat, Inc.  All rights reserved.
 **
 **  This copyrighted material is made available to anyone wishing to use,
 **  modify, copy, or redistribute it subject to the terms and conditions
@@ -15,6 +15,7 @@
 #include <netinet/in.h>
 #include <syslog.h>
 #include <string.h>
+#include <signal.h>
 #include <sys/utsname.h>
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -29,6 +30,7 @@
 #include "cnxman-private.h"
 #include "logging.h"
 #include "commands.h"
+#include "daemon.h"
 #include "ais.h"
 #include "ccs.h"
 
@@ -46,6 +48,7 @@
 #define MCAST_ADDR_PATH		"/cluster/cman/multicast/@addr"
 #define PORT_PATH		"/cluster/cman/@port"
 #define KEY_PATH		"/cluster/cman/@keyfile"
+#define MAXQUEUED_PATH		"/cluster/cman/@max_queued"
 
 #define NODE_NAME_PATH_BYNAME	"/cluster/clusternodes/clusternode[@name=\"%s\"]/@name"
 #define NODE_NAME_PATH_BYNUM	"/cluster/clusternodes/clusternode[%d]/@name"
@@ -551,6 +554,12 @@ static int get_ccs_join_info(void)
 		cluster_id = generate_cluster_id(cluster_name);
 	}
 
+	error = ccs_get(cd, MAXQUEUED_PATH, &str);
+	if (!error) {
+		max_outstanding_messages = atoi(str);
+		free(str);
+	}
+
 	/* our nodename */
 	if (nodename_env) {
 		int ret;
diff --git a/cman/daemon/cnxman-private.h b/cman/daemon/cnxman-private.h
index e132397..a3b3f55 100644
--- a/cman/daemon/cnxman-private.h
+++ b/cman/daemon/cnxman-private.h
@@ -132,6 +132,7 @@ struct connection
 	uint32_t   events;      /* Registered for events */
 	uint32_t   confchg;     /* Registered for confchg */
 	struct list write_msgs; /* Queued messages to go to data clients */
+	uint32_t    num_write_msgs; /* Count of messages */
 	struct connection *next;
 	struct list list;       /* when on the client_list */
 };
diff --git a/cman/daemon/daemon.c b/cman/daemon/daemon.c
index 099b421..1e51a38 100644
--- a/cman/daemon/daemon.c
+++ b/cman/daemon/daemon.c
@@ -1,7 +1,7 @@
 /******************************************************************************
 *******************************************************************************
 **
-**  Copyright (C) 2005-2006 Red Hat, Inc.  All rights reserved.
+**  Copyright (C) 2005-2008 Red Hat, Inc.  All rights reserved.
 **
 **  This copyrighted material is made available to anyone wishing to use,
 **  modify, copy, or redistribute it subject to the terms and conditions
@@ -60,8 +60,10 @@ volatile sig_atomic_t quit_threads=0;
 
 int num_connections = 0;
 poll_handle ais_poll_handle;
+uint32_t max_outstanding_messages = 128;
 
 static int process_client(poll_handle handle, int fd, int revent, void *data);
+static void remove_client(poll_handle handle, struct connection *con);
 
 /* Send it, or queue it for later if the socket is busy */
 static int send_reply_message(struct connection *con, struct sock_header *msg)
@@ -82,8 +84,17 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)
 
 	if ((ret > 0 && ret != msg->length) ||
 	    (ret == -1 && errno == EAGAIN)) {
+		struct queued_reply *qm;
+
+		/* Have we exceeded the allowed number of queued messages ? */
+		if (con->num_write_msgs > max_outstanding_messages) {
+			P_DAEMON("Disconnecting. client has more that %d replies outstanding (%d)\n", max_outstanding_messages, con->num_write_msgs);
+			remove_client(ais_poll_handle, con);
+			return -1;
+		}
+
 		/* Queue it */
-		struct queued_reply *qm = malloc(sizeof(struct queued_reply) + msg->length);
+		qm = malloc(sizeof(struct queued_reply) + msg->length);
 		if (!qm)
 		{
 			perror("Error allocating queued message");
@@ -95,7 +106,8 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)
 		else
 			qm->offset = 0;
 		list_add(&con->write_msgs, &qm->list);
-		P_DAEMON("queued last message\n");
+		con->num_write_msgs++;
+		P_DAEMON("queued last message, count is %d\n", con->num_write_msgs);
 		poll_dispatch_modify(ais_poll_handle, con->fd, POLLIN | POLLOUT, process_client);
 	}
 	return 0;
@@ -144,6 +156,7 @@ static void send_queued_reply(struct connection *con)
 		{
 			list_del(&qm->list);
 			free(qm);
+			con->num_write_msgs--;
 		}
 		else
 		{
@@ -329,6 +342,7 @@ static int process_rendezvous(poll_handle handle, int fd, int revent, void *data
 		newcon->type = con->type;
 		newcon->port = 0;
 		newcon->events = 0;
+		newcon->num_write_msgs = 0;
 		list_init(&newcon->write_msgs);
 		fcntl(client_fd, F_SETFL, fcntl(client_fd, F_GETFL, 0) | O_NONBLOCK);
 
diff --git a/cman/daemon/daemon.h b/cman/daemon/daemon.h
index 3897bd9..7f604a8 100644
--- a/cman/daemon/daemon.h
+++ b/cman/daemon/daemon.h
@@ -1,7 +1,7 @@
 /******************************************************************************
 *******************************************************************************
 **
-**  Copyright (C) 2005 Red Hat, Inc.  All rights reserved.
+**  Copyright (C) 2005-2008 Red Hat, Inc.  All rights reserved.
 **
 **  This copyrighted material is made available to anyone wishing to use,
 **  modify, copy, or redistribute it subject to the terms and conditions
@@ -22,3 +22,4 @@ extern void notify_confchg(struct sock_header *message);
 
 extern volatile sig_atomic_t quit_threads;
 extern int num_connections;
+extern uint32_t max_outstanding_messages;


hooks/post-receive
--
Cluster Project

More information about the Cluster-cvs mailing list