Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Cluster Development (http://www.linux-archive.org/cluster-development/)
-   -   Cluster Project branch, master, updated. gfs-kernel_0_1_22-77-gd7387de (http://www.linux-archive.org/cluster-development/58281-cluster-project-branch-master-updated-gfs-kernel_0_1_22-77-gd7387de.html)

03-18-2008 04:13 PM

Cluster Project branch, master, updated. gfs-kernel_0_1_22-77-gd7387de
 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Cluster Project".

http://sources.redhat.com/git/gitweb.cgi?p=cluster.git;a=commitdiff;h=d7387dedf8 cf77f3a4156eb5a5264cca15e4e5bd

The branch, master has been updated
via d7387dedf8cf77f3a4156eb5a5264cca15e4e5bd (commit)
from 2f419450985f7bbc069a5be4443757f35450655c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d7387dedf8cf77f3a4156eb5a5264cca15e4e5bd
Author: Christine Caulfield <ccaulfie@redhat.com>
Date: Tue Mar 18 17:10:51 2008 +0000

[CMAN] Limit outstanding replies

This commit imposes a limit on the number of outstanding replies
that a connection can have. This is to prevent a DoS attack that
causes cman to eat all available memory by sending lots of requests
and not reading the replies.

The deafult is 128, it can be set in cluster.conf as
<cman max_queued="1000"/>

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>

-----------------------------------------------------------------------

Summary of changes:
cman/daemon/cmanconfig.c | 1 +
cman/daemon/cnxman-private.h | 1 +
cman/daemon/commands.h | 1 +
cman/daemon/daemon.c | 16 +++++++++++++++-
4 files changed, 18 insertions(+), 1 deletions(-)

diff --git a/cman/daemon/cmanconfig.c b/cman/daemon/cmanconfig.c
index 8bd24dd..e0dc46b 100644
--- a/cman/daemon/cmanconfig.c
+++ b/cman/daemon/cmanconfig.c
@@ -73,6 +73,7 @@ int read_cman_nodes(struct objdb_iface_ver0 *objdb, unsigned int *config_version
objdb_get_int(objdb, object_handle, "two_node", (unsigned int *)&two_node);
objdb_get_int(objdb, object_handle, "cluster_id", &cluster_id);
objdb_get_string(objdb, object_handle, "nodename", &our_nodename);
+ objdb_get_int(objdb, object_handle, "max_queued", &max_outstanding_messages);
}

clear_reread_flags();
diff --git a/cman/daemon/cnxman-private.h b/cman/daemon/cnxman-private.h
index 7f6f692..527d571 100644
--- a/cman/daemon/cnxman-private.h
+++ b/cman/daemon/cnxman-private.h
@@ -124,6 +124,7 @@ struct connection
uint32_t events; /* Registered for events */
uint32_t confchg; /* Registered for confchg */
struct list write_msgs; /* Queued messages to go to data clients */
+ uint32_t num_write_msgs; /* Count of messages */
struct connection *next;
struct list list; /* when on the client_list */
};
diff --git a/cman/daemon/commands.h b/cman/daemon/commands.h
index 923a9d9..b3441ae 100644
--- a/cman/daemon/commands.h
+++ b/cman/daemon/commands.h
@@ -47,3 +47,4 @@ extern int cman_join_cluster(struct objdb_iface_ver0 *objdb,
int votes, int expected_votes);

extern int cluster_members;
+extern uint32_t max_outstanding_messages;
diff --git a/cman/daemon/daemon.c b/cman/daemon/daemon.c
index b9923c9..e3160b7 100644
--- a/cman/daemon/daemon.c
+++ b/cman/daemon/daemon.c
@@ -61,8 +61,10 @@ volatile sig_atomic_t quit_threads=0;

int num_connections = 0;
poll_handle ais_poll_handle;
+uint32_t max_outstanding_messages = 128;

static int process_client(poll_handle handle, int fd, int revent, void *data);
+static void remove_client(poll_handle handle, struct connection *con);

/* Send it, or queue it for later if the socket is busy */
static int send_reply_message(struct connection *con, struct sock_header *msg)
@@ -83,6 +85,14 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)

if ((ret > 0 && ret != msg->length) ||
(ret == -1 && errno == EAGAIN)) {
+
+ /* Have we exceeded the allowed number of queued messages ? */
+ if (con->num_write_msgs > max_outstanding_messages) {
+ P_DAEMON("Disconnecting. client has more that %d replies outstanding (%d)
", max_outstanding_messages, con->num_write_msgs);
+ remove_client(ais_poll_handle, con);
+ return -1;
+ }
+
/* Queue it */
struct queued_reply *qm = malloc(sizeof(struct queued_reply) + msg->length);
if (!qm)
@@ -96,7 +106,8 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)
else
qm->offset = 0;
list_add(&con->write_msgs, &qm->list);
- P_DAEMON("queued last message
");
+ con->num_write_msgs++;
+ P_DAEMON("queued last message, count is %d
", con->num_write_msgs);
poll_dispatch_modify(ais_poll_handle, con->fd, POLLIN | POLLOUT, process_client);
}
return 0;
@@ -145,6 +156,7 @@ static void send_queued_reply(struct connection *con)
{
list_del(&qm->list);
free(qm);
+ con->num_write_msgs--;
}
else
{
@@ -330,6 +342,7 @@ static int process_rendezvous(poll_handle handle, int fd, int revent, void *data
newcon->type = con->type;
newcon->port = 0;
newcon->events = 0;
+ newcon->num_write_msgs = 0;
list_init(&newcon->write_msgs);
fcntl(client_fd, F_SETFL, fcntl(client_fd, F_GETFL, 0) | O_NONBLOCK);

@@ -388,6 +401,7 @@ static int open_local_sock(const char *name, int name_len, mode_t mode, poll_han
}
con->type = type;
con->fd = local_socket;
+ con->num_write_msgs = 0;

poll_dispatch_add(handle, con->fd, POLLIN, con, process_rendezvous);



hooks/post-receive
--
Cluster Project

03-18-2008 04:13 PM

Cluster Project branch, master, updated. gfs-kernel_0_1_22-77-gd7387de
 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Cluster Project".

http://sources.redhat.com/git/gitweb.cgi?p=cluster.git;a=commitdiff;h=d7387dedf8 cf77f3a4156eb5a5264cca15e4e5bd

The branch, master has been updated
via d7387dedf8cf77f3a4156eb5a5264cca15e4e5bd (commit)
from 2f419450985f7bbc069a5be4443757f35450655c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d7387dedf8cf77f3a4156eb5a5264cca15e4e5bd
Author: Christine Caulfield <ccaulfie@redhat.com>
Date: Tue Mar 18 17:10:51 2008 +0000

[CMAN] Limit outstanding replies

This commit imposes a limit on the number of outstanding replies
that a connection can have. This is to prevent a DoS attack that
causes cman to eat all available memory by sending lots of requests
and not reading the replies.

The deafult is 128, it can be set in cluster.conf as
<cman max_queued="1000"/>

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>

-----------------------------------------------------------------------

Summary of changes:
cman/daemon/cmanconfig.c | 1 +
cman/daemon/cnxman-private.h | 1 +
cman/daemon/commands.h | 1 +
cman/daemon/daemon.c | 16 +++++++++++++++-
4 files changed, 18 insertions(+), 1 deletions(-)

diff --git a/cman/daemon/cmanconfig.c b/cman/daemon/cmanconfig.c
index 8bd24dd..e0dc46b 100644
--- a/cman/daemon/cmanconfig.c
+++ b/cman/daemon/cmanconfig.c
@@ -73,6 +73,7 @@ int read_cman_nodes(struct objdb_iface_ver0 *objdb, unsigned int *config_version
objdb_get_int(objdb, object_handle, "two_node", (unsigned int *)&two_node);
objdb_get_int(objdb, object_handle, "cluster_id", &cluster_id);
objdb_get_string(objdb, object_handle, "nodename", &our_nodename);
+ objdb_get_int(objdb, object_handle, "max_queued", &max_outstanding_messages);
}

clear_reread_flags();
diff --git a/cman/daemon/cnxman-private.h b/cman/daemon/cnxman-private.h
index 7f6f692..527d571 100644
--- a/cman/daemon/cnxman-private.h
+++ b/cman/daemon/cnxman-private.h
@@ -124,6 +124,7 @@ struct connection
uint32_t events; /* Registered for events */
uint32_t confchg; /* Registered for confchg */
struct list write_msgs; /* Queued messages to go to data clients */
+ uint32_t num_write_msgs; /* Count of messages */
struct connection *next;
struct list list; /* when on the client_list */
};
diff --git a/cman/daemon/commands.h b/cman/daemon/commands.h
index 923a9d9..b3441ae 100644
--- a/cman/daemon/commands.h
+++ b/cman/daemon/commands.h
@@ -47,3 +47,4 @@ extern int cman_join_cluster(struct objdb_iface_ver0 *objdb,
int votes, int expected_votes);

extern int cluster_members;
+extern uint32_t max_outstanding_messages;
diff --git a/cman/daemon/daemon.c b/cman/daemon/daemon.c
index b9923c9..e3160b7 100644
--- a/cman/daemon/daemon.c
+++ b/cman/daemon/daemon.c
@@ -61,8 +61,10 @@ volatile sig_atomic_t quit_threads=0;

int num_connections = 0;
poll_handle ais_poll_handle;
+uint32_t max_outstanding_messages = 128;

static int process_client(poll_handle handle, int fd, int revent, void *data);
+static void remove_client(poll_handle handle, struct connection *con);

/* Send it, or queue it for later if the socket is busy */
static int send_reply_message(struct connection *con, struct sock_header *msg)
@@ -83,6 +85,14 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)

if ((ret > 0 && ret != msg->length) ||
(ret == -1 && errno == EAGAIN)) {
+
+ /* Have we exceeded the allowed number of queued messages ? */
+ if (con->num_write_msgs > max_outstanding_messages) {
+ P_DAEMON("Disconnecting. client has more that %d replies outstanding (%d)
", max_outstanding_messages, con->num_write_msgs);
+ remove_client(ais_poll_handle, con);
+ return -1;
+ }
+
/* Queue it */
struct queued_reply *qm = malloc(sizeof(struct queued_reply) + msg->length);
if (!qm)
@@ -96,7 +106,8 @@ static int send_reply_message(struct connection *con, struct sock_header *msg)
else
qm->offset = 0;
list_add(&con->write_msgs, &qm->list);
- P_DAEMON("queued last message
");
+ con->num_write_msgs++;
+ P_DAEMON("queued last message, count is %d
", con->num_write_msgs);
poll_dispatch_modify(ais_poll_handle, con->fd, POLLIN | POLLOUT, process_client);
}
return 0;
@@ -145,6 +156,7 @@ static void send_queued_reply(struct connection *con)
{
list_del(&qm->list);
free(qm);
+ con->num_write_msgs--;
}
else
{
@@ -330,6 +342,7 @@ static int process_rendezvous(poll_handle handle, int fd, int revent, void *data
newcon->type = con->type;
newcon->port = 0;
newcon->events = 0;
+ newcon->num_write_msgs = 0;
list_init(&newcon->write_msgs);
fcntl(client_fd, F_SETFL, fcntl(client_fd, F_GETFL, 0) | O_NONBLOCK);

@@ -388,6 +401,7 @@ static int open_local_sock(const char *name, int name_len, mode_t mode, poll_han
}
con->type = type;
con->fd = local_socket;
+ con->num_write_msgs = 0;

poll_dispatch_add(handle, con->fd, POLLIN, con, process_rendezvous);



hooks/post-receive
--
Cluster Project


All times are GMT. The time now is 02:02 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.