*) SECURITY: CAN-2004-0174 (cve.mitre.org)

     Fix starvation issue on listening sockets where a short-lived
     connection on a rarely-accessed listening socket will cause a
     child to hold the accept mutex and block out new connections until
     another connection arrives on that rarely-accessed listening socket.
     With Apache 2.x there is no performance concern about enabling the
     logic for platforms which don't need it, so it is enabled everywhere
     except for Win32.  [Jeff Trawick]

(already in 2.0.49, propagating to mirrors now)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103029 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 13 insertions, 0 deletions

diff --git a/os/unix/unixd.c b/os/unix/unixd.c
index 082b3cf6a7..6d43fe70f5 100644
--- a/os/unix/unixd.c
+++ b/os/unix/unixd.c
@@ -531,6 +531,19 @@ AP_DECLARE(apr_status_t) unixd_accept(void **accepted, ap_listen_rec *lr,
 #ifdef ENETUNREACH
         case ENETUNREACH:
 #endif
+        /* EAGAIN/EWOULDBLOCK can be returned on BSD-derived
+         * TCP stacks when the connection is aborted before
+         * we call connect, but only because our listener
+         * sockets are non-blocking (AP_NONBLOCK_WHEN_MULTI_LISTEN)
+         */
+#ifdef EAGAIN
+        case EAGAIN:
+#endif
+#ifdef EWOULDBLOCK
+#if !defined(EAGAIN) || EAGAIN != EWOULDBLOCK
+        case EWOULDBLOCK:
+#endif
+#endif
             break;
 #ifdef ENETDOWN
         case ENETDOWN: