On Fri, May 05, 2017 at 06:05:28PM +0000, Seiya Kawashima wrote:
> I'm not quite sure if this is the right way to fix the issue but it looks
> like this issue is related to how ldapd(8) buffers LDAP messages from the
> client.

Thanks for the analysis.  I have copied the code from libevent to
syslogd.  While adapting to TLS, I did not think about the fact that
ioctl(FIONREAD) does not make sense for TLS.  Then it was copied
to ldapd again without realizing the problem.

I would like to keep this as much as possible in sync with libevent.
So just remove the problematic code in ldapd(8) and syslogd(8).

ok?

bluhm

Index: usr.sbin/ldapd/evbuffer_tls.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/ldapd/evbuffer_tls.c,v
retrieving revision 1.2
diff -u -p -r1.2 evbuffer_tls.c
--- usr.sbin/ldapd/evbuffer_tls.c       3 Mar 2017 20:26:23 -0000       1.2
+++ usr.sbin/ldapd/evbuffer_tls.c       15 May 2017 22:32:32 -0000
@@ -298,21 +298,6 @@ evtls_read(struct evbuffer *buf, int fd,
        size_t oldoff = buf->off;
        int n = EVBUFFER_MAX_READ;
 
-       if (ioctl(fd, FIONREAD, &n) == -1 || n <= 0) {
-               n = EVBUFFER_MAX_READ;
-       } else if (n > EVBUFFER_MAX_READ && n > howmuch) {
-               /*
-                * It's possible that a lot of data is available for
-                * reading.  We do not want to exhaust resources
-                * before the reader has a chance to do something
-                * about it.  If the reader does not tell us how much
-                * data we should read, we artifically limit it.
-                */
-               if ((size_t)n > buf->totallen << 2)
-                       n = buf->totallen << 2;
-               if (n < EVBUFFER_MAX_READ)
-                       n = EVBUFFER_MAX_READ;
-       }
        if (howmuch < 0 || howmuch > n)
                howmuch = n;
 
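Review bot: With the ioctl block gone, nothing between `int n = EVBUFFER_MAX_READ;` and `if (howmuch < 0 || howmuch > n)` modifies n, so in evtls_read() the variable is now only another name for the constant. Either compare howmuch against EVBUFFER_MAX_READ directly, or leave a one-line comment where the block used to be saying that FIONREAD is deliberately not used on the TLS path, so that a later resync with libevent does not bring it back. If this was the only ioctl() call in the file, the matching include can be dropped in the same commit.
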
Index: usr.sbin/syslogd/evbuffer_tls.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/evbuffer_tls.c,v
retrieving revision 1.10
diff -u -p -r1.10 evbuffer_tls.c
--- usr.sbin/syslogd/evbuffer_tls.c     3 Mar 2017 20:26:23 -0000       1.10
+++ usr.sbin/syslogd/evbuffer_tls.c     15 May 2017 22:32:15 -0000
@@ -298,21 +298,6 @@ evtls_read(struct evbuffer *buf, int fd,
        size_t oldoff = buf->off;
        int n = EVBUFFER_MAX_READ;
 
-       if (ioctl(fd, FIONREAD, &n) == -1 || n <= 0) {
-               n = EVBUFFER_MAX_READ;
-       } else if (n > EVBUFFER_MAX_READ && n > howmuch) {
-               /*
-                * It's possible that a lot of data is available for
-                * reading.  We do not want to exhaust resources
-                * before the reader has a chance to do something
-                * about it.  If the reader does not tell us how much
-                * data we should read, we artifically limit it.
-                */
-               if ((size_t)n > buf->totallen << 2)
-                       n = buf->totallen << 2;
-               if (n < EVBUFFER_MAX_READ)
-                       n = EVBUFFER_MAX_READ;
-       }
        if (howmuch < 0 || howmuch > n)
                howmuch = n;
 
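Review bot: The deleted comment in evtls_read() was the only text explaining why the read size is bounded, and the bound itself changes with this hunk: before, n could exceed EVBUFFER_MAX_READ (up to buf->totallen << 2 in the limited branch), while now every call is capped at EVBUFFER_MAX_READ by the remaining `howmuch > n` check. A short replacement comment stating that fixed per-call cap would keep the resource-limiting intent documented. The removed lines are the same as in the ldapd copy, so any follow-up should be applied to both files to keep them identical.
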
