httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n..@apache.org
Subject svn commit: r791271 - /httpd/httpd/trunk/modules/experimental/mod_noloris.c
Date Sun, 05 Jul 2009 16:50:13 GMT
Author: niq
Date: Sun Jul  5 16:50:12 2009
New Revision: 791271

URL: http://svn.apache.org/viewvc?rev=791271&view=rev
Log:
mod_noloris: switch to fixed-sized shm ip storage, correct size, avoid strstr

Modified:
    httpd/httpd/trunk/modules/experimental/mod_noloris.c

Modified: httpd/httpd/trunk/modules/experimental/mod_noloris.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/experimental/mod_noloris.c?rev=791271&r1=791270&r2=791271&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/experimental/mod_noloris.c (original)
+++ httpd/httpd/trunk/modules/experimental/mod_noloris.c Sun Jul  5 16:50:12 2009
@@ -44,6 +44,8 @@
 module AP_MODULE_DECLARE_DATA noloris_module;
 module AP_MODULE_DECLARE_DATA core_module;
 
+#define ADDR_MAX_SIZE 48
+
 static unsigned int default_max_connections;
 static apr_hash_t *trusted;
 static apr_interval_time_t recheck_time;
@@ -71,14 +73,17 @@
 
     /* check the IP is not banned */
     shm_rec = apr_shm_baseaddr_get(shm);
-    if (strstr(shm_rec, conn->remote_ip)) {
-        apr_socket_t *csd = ap_get_module_config(conn->conn_config, &core_module);
-        ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn,
-                      "Dropping connection from banned IP %s", conn->remote_ip);
-        //ap_flush_conn(conn); /* just close it */
-        apr_socket_close(csd);
+    while (shm_rec[0] != '\0') {
+        if (!strcmp(shm_rec, conn->remote_ip)) {
+            apr_socket_t *csd = ap_get_module_config(conn->conn_config, &core_module);
+            ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn,
+                          "Dropping connection from banned IP %s",
+                          conn->remote_ip);
+            apr_socket_close(csd);
 
-        return DONE;
+            return DONE;
+        }
+        shm_rec += MAX_ADDR_SIZE;
     }
 
     /* store this client IP for the monitor to pick up */
@@ -123,7 +128,7 @@
     if (connections == NULL) {
         connections = apr_hash_make(pool);
         totals = apr_palloc(pool, server_limit*thread_limit);
-        ip = apr_palloc(pool, 18);
+        ip = apr_palloc(pool, ADDR_MAX_SIZE);
     }
 
     /* Get a per-client count of connections in READ state */
@@ -158,9 +163,8 @@
                 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, 0,
                        "noloris: banning %s with %d connections in READ state",
                        ip, *n);
-                strcpy(shm_rec++, " ");  /* space == separator */
                 strcpy(shm_rec, ip);
-                shm_rec += strlen(ip);
+                shm_rec += ADDR_MAX_SIZE;
             }
         }
     }
@@ -172,7 +176,7 @@
 {
     apr_status_t rv;
     int max_bans = thread_limit * server_limit / default_max_connections;
-    shm_size = 18 * max_bans;
+    shm_size = ADDR_MAX_SIZE * max_bans;
 
     rv = apr_shm_create(&shm, shm_size, NULL, pconf);
     if (rv != APR_SUCCESS) {



Mime
View raw message