-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61664/
-----------------------------------------------------------
Review request for mesos, Benno Evers, Benjamin Mahler, Jie Yu, and Vinod Kone.
Bugs: MESOS-7748
https://issues.apache.org/jira/browse/MESOS-7748
Repository: mesos
Description
-------
Prior to this patch, a send socket operation can wait forever for
a send to complete. Clients that drop connections or stop reading
incoming data, aka "slow reader" attack, can eventually exhaust the
resources of a libprocess-based application and cause denial of
service or an OOM event.
This patch introduces an obligatory timeout for all send socket
operations, after which the stalled connection is dropped. The
timeout can be adjusted via the `LIBPROCESS_SOCKET_SEND_TIMEOUT`
environment variable.
Diffs
-----
3rdparty/libprocess/src/process.cpp dcd9c6738816764aae066fe56cd5f468c98fc9bd
Diff: https://reviews.apache.org/r/61664/diff/1/
Testing
-------
Manual testing with a rogue client.
Thanks,
Alexander Rukletsov
