Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 87425 invoked from network); 18 Mar 2004 07:36:55 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 18 Mar 2004 07:36:55 -0000 Received: (qmail 10551 invoked by uid 500); 18 Mar 2004 07:36:31 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 10532 invoked by uid 500); 18 Mar 2004 07:36:31 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 10519 invoked by uid 500); 18 Mar 2004 07:36:31 -0000 Delivered-To: apmail-httpd-2.0-cvs@apache.org Received: (qmail 10516 invoked from network); 18 Mar 2004 07:36:31 -0000 Received: from unknown (HELO minotaur.apache.org) (209.237.227.194) by daedalus.apache.org with SMTP; 18 Mar 2004 07:36:31 -0000 Received: (qmail 87415 invoked by uid 1343); 18 Mar 2004 07:36:53 -0000 Date: 18 Mar 2004 07:36:53 -0000 Message-ID: <20040318073653.87414.qmail@minotaur.apache.org> From: striker@apache.org To: httpd-2.0-cvs@apache.org Subject: cvs commit: httpd-2.0/server/mpm/netware mpm_netware.c X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N striker 2004/03/17 23:36:53 Modified: . Tag: APACHE_2_0_BRANCH CHANGES configure.in include Tag: APACHE_2_0_BRANCH ap_config.h os/unix Tag: APACHE_2_0_BRANCH unixd.c server Tag: APACHE_2_0_BRANCH listen.c server/mpm/netware Tag: APACHE_2_0_BRANCH mpm_netware.c Log: Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. With Apache 2.x there is no performance concern about enabling the logic for platforms which don't need it, so it is enabled everywhere except for Win32. Submitted by: Jeff Trawick Reviewed by: Jim Jagielski, Justin Erenkrantz Revision Changes Path No revision No revision 1.988.2.256 +9 -0 httpd-2.0/CHANGES Index: CHANGES =================================================================== RCS file: /home/cvs/httpd-2.0/CHANGES,v retrieving revision 1.988.2.255 retrieving revision 1.988.2.256 diff -u -r1.988.2.255 -r1.988.2.256 --- CHANGES 16 Mar 2004 21:10:15 -0000 1.988.2.255 +++ CHANGES 18 Mar 2004 07:36:52 -0000 1.988.2.256 @@ -1,5 +1,14 @@ Changes with Apache 2.0.49 + *) SECURITY: CAN-2004-0174 (cve.mitre.org) + Fix starvation issue on listening sockets where a short-lived + connection on a rarely-accessed listening socket will cause a + child to hold the accept mutex and block out new connections until + another connection arrives on that rarely-accessed listening socket. + With Apache 2.x there is no performance concern about enabling the + logic for platforms which don't need it, so it is enabled everywhere + except for Win32. [Jeff Trawick] + *) mod_cgid: Fix storage corruption caused by use of incorrect pool. [Jeff Trawick] 1.232.2.14 +7 -0 httpd-2.0/configure.in Index: configure.in =================================================================== RCS file: /home/cvs/httpd-2.0/configure.in,v retrieving revision 1.232.2.13 retrieving revision 1.232.2.14 diff -u -r1.232.2.13 -r1.232.2.14 --- configure.in 26 Feb 2004 20:32:19 -0000 1.232.2.13 +++ configure.in 18 Mar 2004 07:36:52 -0000 1.232.2.14 @@ -236,6 +236,8 @@ ;; esac +APR_SETVAR(AP_NONBLOCK_WHEN_MULTI_LISTEN, [1]) + dnl dnl Process command line arguments. This is done early in the process so the dnl user can get feedback quickly in case of an error. @@ -487,6 +489,11 @@ if test "$SINGLE_LISTEN_UNSERIALIZED_ACCEPT" = "1"; then AC_DEFINE(SINGLE_LISTEN_UNSERIALIZED_ACCEPT, 1, [This platform doesn't suffer from the thundering herd problem]) +fi + +if test "$AP_NONBLOCK_WHEN_MULTI_LISTEN" = "1"; then + AC_DEFINE(AP_NONBLOCK_WHEN_MULTI_LISTEN, 1, + [Listening sockets are non-blocking when there are more than 1]) fi AC_DEFINE_UNQUOTED(AP_SIG_GRACEFUL, SIG$AP_SIG_GRACEFUL, [Signal used to gracefully restart]) No revision No revision 1.69.2.5 +3 -0 httpd-2.0/include/ap_config.h Index: ap_config.h =================================================================== RCS file: /home/cvs/httpd-2.0/include/ap_config.h,v retrieving revision 1.69.2.4 retrieving revision 1.69.2.5 diff -u -r1.69.2.4 -r1.69.2.5 --- ap_config.h 9 Feb 2004 20:54:33 -0000 1.69.2.4 +++ ap_config.h 18 Mar 2004 07:36:53 -0000 1.69.2.5 @@ -230,6 +230,9 @@ #include "ap_config_auto.h" #include "ap_config_layout.h" #endif +#if defined(NETWARE) +#define AP_NONBLOCK_WHEN_MULTI_LISTEN 1 +#endif /* TODO - We need to put OS detection back to make all the following work */ No revision No revision 1.55.2.8 +13 -0 httpd-2.0/os/unix/unixd.c Index: unixd.c =================================================================== RCS file: /home/cvs/httpd-2.0/os/unix/unixd.c,v retrieving revision 1.55.2.7 retrieving revision 1.55.2.8 diff -u -r1.55.2.7 -r1.55.2.8 --- unixd.c 9 Feb 2004 20:59:45 -0000 1.55.2.7 +++ unixd.c 18 Mar 2004 07:36:53 -0000 1.55.2.8 @@ -547,6 +547,19 @@ #ifdef ENETUNREACH case ENETUNREACH: #endif + /* EAGAIN/EWOULDBLOCK can be returned on BSD-derived + * TCP stacks when the connection is aborted before + * we call connect, but only because our listener + * sockets are non-blocking (AP_NONBLOCK_WHEN_MULTI_LISTEN) + */ +#ifdef EAGAIN + case EAGAIN: +#endif +#ifdef EWOULDBLOCK +#if !defined(EAGAIN) || EAGAIN != EWOULDBLOCK + case EWOULDBLOCK: +#endif +#endif break; #ifdef ENETDOWN case ENETDOWN: No revision No revision 1.83.2.7 +20 -0 httpd-2.0/server/listen.c Index: listen.c =================================================================== RCS file: /home/cvs/httpd-2.0/server/listen.c,v retrieving revision 1.83.2.6 retrieving revision 1.83.2.7 diff -u -r1.83.2.6 -r1.83.2.7 --- listen.c 9 Feb 2004 20:59:46 -0000 1.83.2.6 +++ listen.c 18 Mar 2004 07:36:53 -0000 1.83.2.7 @@ -329,6 +329,26 @@ } old_listeners = NULL; +#if AP_NONBLOCK_WHEN_MULTI_LISTEN + /* if multiple listening sockets, make them non-blocking so that + * if select()/poll() reports readability for a reset connection that + * is already forgotten about by the time we call accept, we won't + * be hung until another connection arrives on that port + */ + if (ap_listeners->next) { + for (lr = ap_listeners; lr; lr = lr->next) { + apr_status_t status; + + status = apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1); + if (status != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, status, pool, + "ap_listen_open: unable to make socket non-blocking"); + return -1; + } + } + } +#endif /* AP_NONBLOCK_WHEN_MULTI_LISTEN */ + /* we come through here on both passes of the open logs phase * only register the cleanup once... otherwise we try to close * listening sockets twice when cleaning up prior to exec No revision No revision 1.62.2.19 +0 -3 httpd-2.0/server/mpm/netware/mpm_netware.c Index: mpm_netware.c =================================================================== RCS file: /home/cvs/httpd-2.0/server/mpm/netware/mpm_netware.c,v retrieving revision 1.62.2.18 retrieving revision 1.62.2.19 diff -u -r1.62.2.18 -r1.62.2.19 --- mpm_netware.c 16 Mar 2004 03:09:59 -0000 1.62.2.18 +++ mpm_netware.c 18 Mar 2004 07:36:53 -0000 1.62.2.19 @@ -829,9 +829,6 @@ if (sockdes > listenmaxfd) { listenmaxfd = sockdes; } - /* Use non-blocking listen sockets so that we - never get hung up. */ - apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1); } return 0; }