httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stri...@apache.org
Subject cvs commit: httpd-2.0/server/mpm/netware mpm_netware.c
Date Thu, 18 Mar 2004 07:36:53 GMT
striker     2004/03/17 23:36:53

  Modified:    .        Tag: APACHE_2_0_BRANCH CHANGES configure.in
               include  Tag: APACHE_2_0_BRANCH ap_config.h
               os/unix  Tag: APACHE_2_0_BRANCH unixd.c
               server   Tag: APACHE_2_0_BRANCH listen.c
               server/mpm/netware Tag: APACHE_2_0_BRANCH mpm_netware.c
  Log:
  Fix starvation issue on listening sockets where a short-lived
  connection on a rarely-accessed listening socket will cause a
  child to hold the accept mutex and block out new connections until
  another connection arrives on that rarely-accessed listening socket.
  With Apache 2.x there is no performance concern about enabling the
  logic for platforms which don't need it, so it is enabled everywhere
  except for Win32.
  
  Submitted by:	Jeff Trawick
  Reviewed by:	Jim Jagielski, Justin Erenkrantz
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.988.2.256 +9 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.988.2.255
  retrieving revision 1.988.2.256
  diff -u -r1.988.2.255 -r1.988.2.256
  --- CHANGES	16 Mar 2004 21:10:15 -0000	1.988.2.255
  +++ CHANGES	18 Mar 2004 07:36:52 -0000	1.988.2.256
  @@ -1,5 +1,14 @@
   Changes with Apache 2.0.49
   
  +  *) SECURITY: CAN-2004-0174 (cve.mitre.org)
  +     Fix starvation issue on listening sockets where a short-lived
  +     connection on a rarely-accessed listening socket will cause a
  +     child to hold the accept mutex and block out new connections until
  +     another connection arrives on that rarely-accessed listening socket.
  +     With Apache 2.x there is no performance concern about enabling the 
  +     logic for platforms which don't need it, so it is enabled everywhere
  +     except for Win32.  [Jeff Trawick]
  +
     *) mod_cgid: Fix storage corruption caused by use of incorrect pool.
        [Jeff Trawick]
   
  
  
  
  1.232.2.14 +7 -0      httpd-2.0/configure.in
  
  Index: configure.in
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/configure.in,v
  retrieving revision 1.232.2.13
  retrieving revision 1.232.2.14
  diff -u -r1.232.2.13 -r1.232.2.14
  --- configure.in	26 Feb 2004 20:32:19 -0000	1.232.2.13
  +++ configure.in	18 Mar 2004 07:36:52 -0000	1.232.2.14
  @@ -236,6 +236,8 @@
         ;;
   esac
   
  +APR_SETVAR(AP_NONBLOCK_WHEN_MULTI_LISTEN, [1])
  +
   dnl
   dnl Process command line arguments. This is done early in the process so the
   dnl user can get feedback quickly in case of an error.
  @@ -487,6 +489,11 @@
   if test "$SINGLE_LISTEN_UNSERIALIZED_ACCEPT" = "1"; then
       AC_DEFINE(SINGLE_LISTEN_UNSERIALIZED_ACCEPT, 1, 
                 [This platform doesn't suffer from the thundering herd problem])
  +fi
  +
  +if test "$AP_NONBLOCK_WHEN_MULTI_LISTEN" = "1"; then
  +    AC_DEFINE(AP_NONBLOCK_WHEN_MULTI_LISTEN, 1, 
  +              [Listening sockets are non-blocking when there are more than 1])
   fi
   
   AC_DEFINE_UNQUOTED(AP_SIG_GRACEFUL, SIG$AP_SIG_GRACEFUL, [Signal used to gracefully restart])
  
  
  
  No                   revision
  No                   revision
  1.69.2.5  +3 -0      httpd-2.0/include/ap_config.h
  
  Index: ap_config.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/ap_config.h,v
  retrieving revision 1.69.2.4
  retrieving revision 1.69.2.5
  diff -u -r1.69.2.4 -r1.69.2.5
  --- ap_config.h	9 Feb 2004 20:54:33 -0000	1.69.2.4
  +++ ap_config.h	18 Mar 2004 07:36:53 -0000	1.69.2.5
  @@ -230,6 +230,9 @@
   #include "ap_config_auto.h"
   #include "ap_config_layout.h"
   #endif
  +#if defined(NETWARE)
  +#define AP_NONBLOCK_WHEN_MULTI_LISTEN 1
  +#endif
   
   /* TODO - We need to put OS detection back to make all the following work */
   
  
  
  
  No                   revision
  No                   revision
  1.55.2.8  +13 -0     httpd-2.0/os/unix/unixd.c
  
  Index: unixd.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/os/unix/unixd.c,v
  retrieving revision 1.55.2.7
  retrieving revision 1.55.2.8
  diff -u -r1.55.2.7 -r1.55.2.8
  --- unixd.c	9 Feb 2004 20:59:45 -0000	1.55.2.7
  +++ unixd.c	18 Mar 2004 07:36:53 -0000	1.55.2.8
  @@ -547,6 +547,19 @@
   #ifdef ENETUNREACH
           case ENETUNREACH:
   #endif
  +        /* EAGAIN/EWOULDBLOCK can be returned on BSD-derived
  +         * TCP stacks when the connection is aborted before
  +         * we call connect, but only because our listener
  +         * sockets are non-blocking (AP_NONBLOCK_WHEN_MULTI_LISTEN)
  +         */
  +#ifdef EAGAIN
  +        case EAGAIN:
  +#endif
  +#ifdef EWOULDBLOCK
  +#if !defined(EAGAIN) || EAGAIN != EWOULDBLOCK
  +        case EWOULDBLOCK:
  +#endif
  +#endif
               break;
   #ifdef ENETDOWN
           case ENETDOWN:
  
  
  
  No                   revision
  No                   revision
  1.83.2.7  +20 -0     httpd-2.0/server/listen.c
  
  Index: listen.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/listen.c,v
  retrieving revision 1.83.2.6
  retrieving revision 1.83.2.7
  diff -u -r1.83.2.6 -r1.83.2.7
  --- listen.c	9 Feb 2004 20:59:46 -0000	1.83.2.6
  +++ listen.c	18 Mar 2004 07:36:53 -0000	1.83.2.7
  @@ -329,6 +329,26 @@
       }
       old_listeners = NULL;
   
  +#if AP_NONBLOCK_WHEN_MULTI_LISTEN
  +    /* if multiple listening sockets, make them non-blocking so that
  +     * if select()/poll() reports readability for a reset connection that
  +     * is already forgotten about by the time we call accept, we won't
  +     * be hung until another connection arrives on that port
  +     */
  +    if (ap_listeners->next) {
  +        for (lr = ap_listeners; lr; lr = lr->next) {
  +            apr_status_t status;
  +
  +            status = apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1);
  +            if (status != APR_SUCCESS) {
  +                ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, status, pool,
  +                              "ap_listen_open: unable to make socket non-blocking");
  +                return -1;
  +            }
  +        }
  +    }
  +#endif /* AP_NONBLOCK_WHEN_MULTI_LISTEN */
  +
       /* we come through here on both passes of the open logs phase
        * only register the cleanup once... otherwise we try to close
        * listening sockets twice when cleaning up prior to exec
  
  
  
  No                   revision
  No                   revision
  1.62.2.19 +0 -3      httpd-2.0/server/mpm/netware/mpm_netware.c
  
  Index: mpm_netware.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/netware/mpm_netware.c,v
  retrieving revision 1.62.2.18
  retrieving revision 1.62.2.19
  diff -u -r1.62.2.18 -r1.62.2.19
  --- mpm_netware.c	16 Mar 2004 03:09:59 -0000	1.62.2.18
  +++ mpm_netware.c	18 Mar 2004 07:36:53 -0000	1.62.2.19
  @@ -829,9 +829,6 @@
           if (sockdes > listenmaxfd) {
               listenmaxfd = sockdes;
           }
  -        /* Use non-blocking listen sockets so that we
  -           never get hung up. */
  -        apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1);
       }
       return 0;
   }
  
  
  

Mime
View raw message