Show
Ignore:
Timestamp:
09/26/09 19:50:04 (4 years ago)
Author:
ahu
Message:

hook up 'tcp defer accept' again for slight DoS protection on linux
reinstate the lookup of socket addresses for 'Lua'

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/pdns/pdns/pdns_recursor.cc

    r1413 r1414  
    4949#include <boost/function.hpp> 
    5050#include <boost/algorithm/string.hpp> 
     51#include <netinet/tcp.h> 
    5152#include "dnsparser.hh" 
    5253#include "dnswriter.hh" 
     
    8485NetmaskGroup* g_dontQuery; 
    8586string s_programname="pdns_recursor"; 
    86 typedef vector<int> g_tcpListenSockets_t; 
    87 g_tcpListenSockets_t g_tcpListenSockets; // is shared per thread!! 
     87typedef vector<int> tcpListenSockets_t; 
     88tcpListenSockets_t g_tcpListenSockets;   // shared across threads, but this is fine, never written to from a thread. All threads listen on all sockets 
    8889int g_tcpTimeout; 
    8990//MemcachedCommunicator* g_mc; 
    9091// DHCPCommunicator* g_dc; 
    91 map<int, ComboAddress> g_listenSocketsAddresses; // is shared per thread! 
     92map<int, ComboAddress> g_listenSocketsAddresses; // is shared across all threads right now 
    9293struct DNSComboWriter { 
    9394  DNSComboWriter(const char* data, uint16_t len, const struct timeval& now) : d_mdp(data, len), d_now(now), d_tcp(false), d_socket(-1) 
     
    11071108 
    11081109    deferredAdd.push_back(make_pair(fd, handleNewUDPQuestion)); 
    1109     //    g_listenSocketsAddresses[fd]=sin;  // XXX FIXME ERASED BECAUSE OF MULTITHREADING 
     1110    g_listenSocketsAddresses[fd]=sin;  // this is written to only from the startup thread, not from the workers 
    11101111    if(sin.sin4.sin_family == AF_INET)  
    11111112      L<<Logger::Error<<"Listening for UDP queries on "<< sin.toString() <<":"<<st.port<<endl; 
     
    20282029 
    20292030    if(listenOnTCP) { 
    2030       if(TCPConnection::s_currentConnections > maxTcpClients) {  // shutdown 
    2031         for(g_tcpListenSockets_t::iterator i=g_tcpListenSockets.begin(); i != g_tcpListenSockets.end(); ++i) 
     2031      if(TCPConnection::s_currentConnections > maxTcpClients) {  // shutdown, too many connections 
     2032        for(tcpListenSockets_t::iterator i=g_tcpListenSockets.begin(); i != g_tcpListenSockets.end(); ++i) 
    20322033          t_fdm->removeReadFD(*i); 
    20332034        listenOnTCP=false; 
     
    20362037    else { 
    20372038      if(TCPConnection::s_currentConnections <= maxTcpClients) {  // reenable 
    2038         for(g_tcpListenSockets_t::iterator i=g_tcpListenSockets.begin(); i != g_tcpListenSockets.end(); ++i) 
     2039        for(tcpListenSockets_t::iterator i=g_tcpListenSockets.begin(); i != g_tcpListenSockets.end(); ++i) 
    20392040          t_fdm->addReadFD(*i, handleNewTCPQuestion); 
    20402041        listenOnTCP=true;