On 10/15/2014 06:19 AM, Gerd Hoffmann wrote: > Also track the number of connections in "connecting" and "shared" state > (additionally to "exclusive" state). Apply a configurable limit to
s/additionally to/in addition to the/ > these connections. > > The logic to apply the limit to connections in "shared" state is pretty > simple: When the limit is reached no new connections are allowed. > > The logic to apply the limit to connections in "connecting" state (this > is the state you are in *before* successfull authentication) is s/successfull/successful/ > slightly different: A new connect kicks out the oldest client which is > still in "connecting" state. This avoids a easy DoS by unauthenticated > users by simply opening connections until the limit is reached. > > Cc: Dr. David Alan Gilbert <dgilb...@redhat.com> > Signed-off-by: Gerd Hoffmann <kra...@redhat.com> > --- > ui/vnc.c | 46 +++++++++++++++++++++++++++++++++++++++++++--- > ui/vnc.h | 3 +++ > 2 files changed, 46 insertions(+), 3 deletions(-) > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
