diff options
| author | Jeff Trawick <trawick@apache.org> | 2004-03-19 12:16:03 +0100 |
|---|---|---|
| committer | Jeff Trawick <trawick@apache.org> | 2004-03-19 12:16:03 +0100 |
| commit | 4d8f4c26d62142dd48570038ab80d9e98f307a9b (patch) | |
| tree | 3325ee8042b40a431bcf67e66832a8888f870aa1 /server | |
| parent | mod_dav: Fix a problem that could cause crashes when manipulating (diff) | |
| download | apache2-4d8f4c26d62142dd48570038ab80d9e98f307a9b.tar.xz apache2-4d8f4c26d62142dd48570038ab80d9e98f307a9b.zip | |
*) SECURITY: CAN-2004-0174 (cve.mitre.org)
Fix starvation issue on listening sockets where a short-lived
connection on a rarely-accessed listening socket will cause a
child to hold the accept mutex and block out new connections until
another connection arrives on that rarely-accessed listening socket.
With Apache 2.x there is no performance concern about enabling the
logic for platforms which don't need it, so it is enabled everywhere
except for Win32. [Jeff Trawick]
(already in 2.0.49, propagating to mirrors now)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103029 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'server')
| -rw-r--r-- | server/listen.c | 20 | ||||
| -rw-r--r-- | server/mpm/netware/mpm_netware.c | 3 |
2 files changed, 20 insertions, 3 deletions
diff --git a/server/listen.c b/server/listen.c index 56a99751bc..e6873baec4 100644 --- a/server/listen.c +++ b/server/listen.c @@ -383,6 +383,26 @@ static int ap_listen_open(apr_pool_t *pool, apr_port_t port) } old_listeners = NULL; +#if AP_NONBLOCK_WHEN_MULTI_LISTEN + /* if multiple listening sockets, make them non-blocking so that + * if select()/poll() reports readability for a reset connection that + * is already forgotten about by the time we call accept, we won't + * be hung until another connection arrives on that port + */ + if (ap_listeners->next) { + for (lr = ap_listeners; lr; lr = lr->next) { + apr_status_t status; + + status = apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1); + if (status != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, status, pool, + "ap_listen_open: unable to make socket non-blocking"); + return -1; + } + } + } +#endif /* AP_NONBLOCK_WHEN_MULTI_LISTEN */ + /* we come through here on both passes of the open logs phase * only register the cleanup once... otherwise we try to close * listening sockets twice when cleaning up prior to exec diff --git a/server/mpm/netware/mpm_netware.c b/server/mpm/netware/mpm_netware.c index 34e8cbf56e..27f0e51720 100644 --- a/server/mpm/netware/mpm_netware.c +++ b/server/mpm/netware/mpm_netware.c @@ -828,9 +828,6 @@ static int setup_listeners(server_rec *s) if (sockdes > listenmaxfd) { listenmaxfd = sockdes; } - /* Use non-blocking listen sockets so that we - never get hung up. */ - apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, 1); } return 0; } |