[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Cluster-devel] conga/ricci/ricci Server.cpp



CVSROOT:	/cvs/cluster
Module name:	conga
Branch: 	RHEL4
Changes by:	rmccabe sourceware org	2007-08-21 21:26:31

Modified files:
	ricci/ricci    : Server.cpp 

Log message:
	Block a DoS attack that could be used to cause ricci to deny legitimate connections.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/ricci/Server.cpp.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.5&r2=1.5.4.1

--- conga/ricci/ricci/Server.cpp	2006/10/14 17:53:27	1.5
+++ conga/ricci/ricci/Server.cpp	2007/08/21 21:26:31	1.5.4.1
@@ -48,6 +48,7 @@
 
 
 
+static time_t last_purge = 0;
 static bool shutdown_pending = false;
 static void shutdown(int);
 
@@ -86,8 +87,10 @@
     poll_data.revents = 0;
     
     // wait for events
-    int ret = poll(&poll_data, 1, 500);
-    if (ret == 0) {
+    int ret = poll(&poll_data, 1, 1000);
+    time_t cur_time = time(NULL);
+    if (ret == 0 || cur_time - last_purge >= 2) {
+      last_purge = cur_time;
       // clean up clients
       list<list<counting_auto_ptr<ClientInstance> >::iterator> remove_us;
       for (list<counting_auto_ptr<ClientInstance> >::iterator iter = clients.begin();
@@ -102,14 +105,16 @@
 	clients.erase(*iter);
 	cout << "client removed" << endl;
       }
-      
+    }
+
+    if (ret == 0) {
       // continue waiting
       continue;
     } else if (ret == -1) {
       if (errno == EINTR)
         continue;
       else
-        throw String("poll() error");
+        throw String("poll() error: " + String(strerror(errno)));
     }
     
     // process events
@@ -117,8 +122,7 @@
       try {
 	ClientSocket sock = _server.accept();
 	counting_auto_ptr<ClientInstance> 
-	  client(new ClientInstance(sock, 
-				    _dbus_controller));
+	  client(new ClientInstance(sock, _dbus_controller));
 	client->start();
 	clients.push_back(client);
 	cout << "client added" << endl;


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]