summaryrefslogtreecommitdiff
path: root/lib/libc/rpc/svc_tcp.c
Commit message (Collapse)AuthorAgeFilesLines
* Add three-tier symbol naming in support of POSIX thread cancellationJason Evans2000-01-121-7/+7
| | | | | | | | | points. For library functions, the pattern is __sleep() <-- _libc_sleep() <-- sleep(). The arrows represent weak aliases. For system calls, the pattern is _read() <-- _libc_read() <-- read(). Notes: svn path=/head/; revision=55837
* For the TCP transport, put the listening socket in non-blockingJohn Polstra1999-11-181-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mode. This addresses a well-known race condition that can cause servers to hang in accept(). The relevant case is when somebody connects to the server and then immediately kills the connection by sending a TCP reset. On the server this causes select to report a ready condition on the socket, after which the accept call blocks because there is no longer any pending connection to accept. In -current there is already a work-around for this in the kernel. It was merged into -stable some time ago, but then David Greenman reverted it because it seemed to be causing a socket leak in some cases. (See uipc_socket.c revision 1.51.2.3.) Hence this userland fix is needed in -stable, and I plan to merge it into that branch soon because it fixes a potential DoS attack. It may also be needed in -current if the suspected socket leak turns out to be real. In any case, after thinking it over I believe the fix belongs in userland. An application shouldn't assume that a ready return from select guarantees that the subsequent I/O operation cannot block. A lot can happen between the select and the accept. A similar fix should most likely be applied to the Unix domain socket transport too. Submitted by: peter Reviewed by: jdp Notes: svn path=/head/; revision=53323
* Fix a bug in the hack that protects against FTP bounce attacks.John Polstra1999-11-171-3/+2
| | | | | | | | | | | | It used to loop back up to the accept() call and block there, shutting out all other transports until a new connection came in. Now it returns instead after dropping the connection. That will take it back to the select() loop where all transports can be serviced. I intend to MFC this within a day or two since it fixes a DoS vulnerability. Notes: svn path=/head/; revision=53254
* $Id$ -> $FreeBSD$Peter Wemm1999-08-281-1/+1
| | | | Notes: svn path=/head/; revision=50476
* Improve DoS avoidance in RPC stream oriented transports. The TCP transportBill Paul1998-05-181-17/+35
| | | | | | | | | | | | | | | | | | | | | | | | | uses readtcp() to gather data from the network; readtcp() uses select(), with a timeout of 35 seconds. The problem with this is that if you connect to a TCP server, send two bytes of data, then just pause, the server will remain blocked in readtcp() for up to 35 seconds, which is sort of a long time. If you keep doing this every 35 seconds, you can keep the server occupied indefinitely. To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c) to monitor all service transport handles instead of just the current socket. This allows the server to keep handling new connections that arrive while readtcp() is running. This prevents one client from potentially monopolizing a server. Also, while I was here, I fixed a bug in the timeout calculations. Someone attempted to adjust the timeout so that if select() returned EINTR and the loop was restarted, the timeout would be reduced so that rather than waiting for another 35 seconds, you could never wait for more than 35 seconds total. Unfortunately, the calculation was wrong, and the timeout could expire much sooner than 35 seconds. Notes: svn path=/head/; revision=36156
* Patch RPC library to avoid possible denial of service attacks as describedBill Paul1998-05-151-1/+2
| | | | | | | | | recently in BUGTRAQ. If a stream oriented transport fails to properly decode an RPC message header structure where there should be one, it should mark the stream as dead so that the connection will be dropped. Notes: svn path=/head/; revision=36086
* Resolve conflicts.Bill Paul1997-05-281-1/+1
| | | | | | | | | | | | | | This concludes tonight's entertainment. Once I'm sure I haven't destroyed the world with all these changes, I'll import the utilities. Everything should continue to work as before. If it doesn't let me know. Special thanks to Mark Murray for running a test 'make world' for me to shake out the bugs, which, hopefully, I have fixed. (And there was much rejoicing.) Notes: svn path=/head/; revision=26221
* Revert $FreeBSD$ to $Id$Peter Wemm1997-02-221-1/+1
| | | | Notes: svn path=/head/; revision=22993
* Make the long-awaited change from $Id$ to $FreeBSD$Jordan K. Hubbard1997-01-141-1/+1
| | | | | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise. Notes: svn path=/head/; revision=21673
* - prototypes now in include filePeter Wemm1996-12-301-26/+48
| | | | | | | | | | | - overhaul for unlimited fd's - OpenBSD's ftp port bounce attack fix - fix timeouts Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code. Notes: svn path=/head/; revision=21091
* clear various struct sockaddr_in's on stack, set sin_len.Peter Wemm1996-08-121-1/+2
| | | | | | | (Noticed when comparing to OpenBSD source) Notes: svn path=/head/; revision=17540
* Code cleanup:James Raynard1996-06-101-4/+4
| | | | | | | | | | | | | | | | | | | 1. Added missing function prototypes. 2. Added missing function return types. 3. Added missing function argument types. 4. Added missing headers for system function prototypes. 5. Corrected format specifier in printf(). 6. Added extra parentheses around assignment used as truth value. 7. Added missing "default" cases in switch statements. 8. Added casts for function pointers. 9. Did *not* change int declarations of uid and gid to uid_t/gid_t because I don't know if that would affect the protocol. Put in explicit casts to int instead, to make things more obvious. 10. Moved declarations of variables that are only used if YP is defined inside the '#ifdef YP' conditionals. Notes: svn path=/head/; revision=16283
* Code cleanup (part one):James Raynard1996-06-081-1/+4
| | | | | | | | | | | | | | | 1. Added missing function prototypes. 2. Added missing function return types. 3. Added missing function argument types. 4. Added missing headers for system function prototypes. 5. Got rid of "extern int errno" rubbish. Notes: svn path=/head/; revision=16236
* Fixed type mismatches.Bruce Evans1995-12-071-3/+3
| | | | Notes: svn path=/head/; revision=12663
* Well, cvs commit core'ed on me, I belive I have got all the locks out,Poul-Henning Kamp1995-10-221-3/+4
| | | | | | | | | | | | | | | | | | | | | | but a commit mail got lost, it's the same as for this commit: lib/libc/gen confstr.c crypt.c disklabel.c fstab.c getcap.c getgrent.c getgrouplist.c getpass.c getpwent.c initgroups.c nlist.c psignal.c pwcache.c setmode.c sleep.c sysconf.c sysctl.c syslog.c usleep.c lib/libc/locale none.c read_runemagi.c setlocale.c lib/libc/net gethostbydns.c getnetbydns.c getnetbynis.c lib/libc/nls msgcat.c lib/libc/quad Makefile.inc lib/libc/regex engine.c regcomp.c regerror.c Minor cleanup, mostly unused vars and missing #includes. Limit the number of quad functions we pull in for 'i386'. I still belive the quad stuff should go back into gcc. Add compile-time warnings about crypt functions. Notes: svn path=/head/; revision=11666
* Remove trailing whitespace.Rodney W. Grimes1995-05-301-9/+9
| | | | Notes: svn path=/head/; revision=8870
* Moving Sun RPC code into libc, part 1. Based on work done by a number ofGarrett Wollman1994-08-071-0/+421
people, including J.T. Conklin, Theo de Raadt, Paul Richards, and probably someone else who's going to flame me as soon as they see this message. Notes: svn path=/head/; revision=1901
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 20:27:38 +0000