On Saturday 06 March 2010 11:43, Ajith Adapa wrote: > I had a small doubt with httpd.c code .. > > >> Following is the transmission steps between Client and Server > >> > >> 1. 3 way handshake > >> 2. GET packet from client and then followed by ACK from server. > >> 3. RST ACK from Client to Server > >> > >> As a result of RST_ACK packet from client the socket connection is getting > >> terminated >> abruptly and cur_clients global variable is not getting > >> decremented. Once cur_clients > >> value reaches the max value of 5 it stops accepting the new connections. > > In my scenario the child process is getting terminated abnormally and > there is no mechanism in httpd for decrementing the value of > cur_clients if it gets terminated abnormally. httpd takes for granted > that > > SIGCHLD signal is ignored in httpd because of a chance of creating > ZOMBIES. But I tried the scenario where I created a SIGCHLD signal > handler where it properly handles the child process which is killed > and decrements the value for cur_clients variable and it solved my > Denial of Service attack scenario (I am not sure if it is a proper way > to do but I am not creating any zombies). > > When I gone through 1.16 version code for httpd.c file I still see > that SIGCHLD signal is ignored. But there is no check in httpd server > for maximum number of clients allowed to be processed. > > So is http server in 1.16 version doesnt have any limitation of > supporting only MAX_CLIENTS number of clients ??
httpd.c in 1.16.0 has neither MAX_CLIENTS nor cur_clients variables or defines. I searched entire git history and there are no such things anywhere. Thus I do not understand what code are you talking about. -- vda _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
