Somehow I succeeded in addressing this issue in my code. I maintained 'pending request count' against each client connection and in 'on_read' I made sure to return back quickly before queuing up the request, *if* the count is more than predefined value. This way I could restrict attacker from letting their illegitimate requests in my queue, at the same time while permitting 'max pending' asynchronous requests by legitimate clients.
I tested this generating huge asynchronous requests by hundreds of clients and so far it works perfect. Saúl, Joe, Fedor Many many thanks for everyone's input :) cheers, Ashish -- You received this message because you are subscribed to the Google Groups "libuv" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/libuv. For more options, visit https://groups.google.com/d/optout.
