upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- delay-close does not act if there are udp-wait queries, so that

Browse source 
it does not make a socketdrain DoS easier.


git-svn-id: file:///svn/unbound/trunk@3059 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2014-01-30 09:27:00 +00:00
parent d8e5a83392
commit 0fbe678e68
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/Changelog
View file

@ -1,3 +1,7 @@
30 January 2014: Wouter
- delay-close does not act if there are udp-wait queries, so that
it does not make a socketdrain DoS easier.
28 January 2014: Wouter 28 January 2014: Wouter
- iana portlist updated. - iana portlist updated.
- iana portlist test updated so it does not touch the source - iana portlist test updated so it does not touch the source

6
services/outside_network.c
View file

@ -522,7 +522,11 @@ pending_udp_timer_cb(void *arg)
fptr_ok(fptr_whitelist_pending_udp(p->cb)); fptr_ok(fptr_whitelist_pending_udp(p->cb));
(void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_TIMEOUT, NULL); (void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_TIMEOUT, NULL);
} }
if(outnet->delayclose) { /* if delayclose, keep port open for a longer time.
* But if the udpwaitlist exists, then we are struggling to
* keep up with demand for sockets, so do not wait, but service
* the customer (customer service more important than portICMPs) */
if(outnet->delayclose && !outnet->udp_wait_first) {
p->cb = NULL; p->cb = NULL;
p->timer->callback = &pending_udp_timer_delay_cb; p->timer->callback = &pending_udp_timer_delay_cb;
comm_timer_set(p->timer, &outnet->delay_tv); comm_timer_set(p->timer, &outnet->delay_tv);