Mercurial > dovecot > core-2.2
changeset 2777:dc309a440bbe HEAD
If auth client sends broken input and we disconnect it, wait for a while
before disconnecting to avoid flooding.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 19 Oct 2004 03:59:12 +0300 |
parents | 150f8151c971 |
children | b85e7c414f06 |
files | src/auth/auth-client-connection.c src/auth/auth-client-connection.h |
diffstat | 2 files changed, 27 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-client-connection.c Tue Oct 19 03:51:21 2004 +0300 +++ b/src/auth/auth-client-connection.c Tue Oct 19 03:59:12 2004 +0300 @@ -23,6 +23,8 @@ #define MAX_OUTBUF_SIZE (1024*50) static void auth_client_connection_unref(struct auth_client_connection *conn); +static void +auth_client_connection_destroy_wait(struct auth_client_connection *conn); static void auth_client_send(struct auth_client_connection *conn, const char *fmt, ...) __attr_format__(2, 3); @@ -44,7 +46,7 @@ if (ret != (ssize_t)str->used) { i_warning("Authentication client %u: " "Transmit buffer full, killing it", conn->pid); - auth_client_connection_destroy(conn); + auth_client_connection_destroy_wait(conn); } va_end(args); t_pop(); @@ -99,7 +101,7 @@ i_warning("Authentication client %u: " "Transmit buffer full, killing it", request->conn->pid); - auth_client_connection_destroy(request->conn); + auth_client_connection_destroy_wait(request->conn); } t_pop(); @@ -357,7 +359,7 @@ /* buffer full */ i_error("BUG: Auth client %u sent us more than %d bytes", conn->pid, (int)AUTH_CLIENT_MAX_LINE_LENGTH); - auth_client_connection_destroy(conn); + auth_client_connection_destroy_wait(conn); return; } @@ -373,7 +375,7 @@ i_error("Authentication client %u " "not compatible with this server " "(mixed old and new binaries?)", conn->pid); - auth_client_connection_destroy(conn); + auth_client_connection_destroy_wait(conn); return; } conn->version_received = TRUE; @@ -398,7 +400,7 @@ t_pop(); if (!ret) { - auth_client_connection_destroy(conn); + auth_client_connection_destroy_wait(conn); break; } } @@ -472,8 +474,10 @@ i_stream_close(conn->input); o_stream_close(conn->output); - io_remove(conn->io); - conn->io = 0; + if (conn->io != NULL) { + io_remove(conn->io); + conn->io = NULL; + } net_disconnect(conn->fd); conn->fd = -1; @@ -482,6 +486,15 @@ auth_client_connection_unref(conn); } +static void +auth_client_connection_destroy_wait(struct auth_client_connection *conn) +{ + conn->delayed_destroy = TRUE; + + io_remove(conn->io); + conn->io = NULL; +} + static void auth_client_connection_unref(struct auth_client_connection *conn) { struct hash_iterate_context *iter; @@ -514,6 +527,11 @@ unsigned int secs; int destroy = FALSE; + if (conn->delayed_destroy) { + auth_client_connection_destroy(conn); + return; + } + iter = hash_iterate_init(conn->auth_requests); while (hash_iterate(iter, &key, &value)) { struct auth_request *auth_request = value;
--- a/src/auth/auth-client-connection.h Tue Oct 19 03:51:21 2004 +0300 +++ b/src/auth/auth-client-connection.h Tue Oct 19 03:59:12 2004 +0300 @@ -18,7 +18,9 @@ unsigned int pid; unsigned int connect_uid; + unsigned int version_received:1; + unsigned int delayed_destroy:1; }; struct auth_client_connection *