r4574 - trunk/varnish-cache/bin/varnishd

phk at projects.linpro.no phk at projects.linpro.no
Wed Feb 17 16:03:11 CET 2010


Author: phk
Date: 2010-02-17 16:03:10 +0100 (Wed, 17 Feb 2010)
New Revision: 4574

Modified:
   trunk/varnish-cache/bin/varnishd/cache_center.c
Log:
Make the session_linger a one-shot timer, and apply it also to
new sessions as such.  If we get no request in the session_linger
window, we punt the session over to the waiter, in order to not
tie up a worker thread longer than necessary.

This makes the session_linger a more important paramter to tune/get
right, but should also reduce our vulnerability to certain DoS attacks.



Modified: trunk/varnish-cache/bin/varnishd/cache_center.c
===================================================================
--- trunk/varnish-cache/bin/varnishd/cache_center.c	2010-02-17 14:53:01 UTC (rev 4573)
+++ trunk/varnish-cache/bin/varnishd/cache_center.c	2010-02-17 15:03:10 UTC (rev 4574)
@@ -84,7 +84,7 @@
 
 /*--------------------------------------------------------------------
  * WAIT
- * Wait until we have a full request in our htc.
+ * Wait (briefly) until we have a full request in our htc.
  */
 
 static int
@@ -99,35 +99,36 @@
 	assert(sp->xid == 0);
 
 	i = HTC_Complete(sp->htc);
-	while (i == 0) {
-		if (params->session_linger > 0) {
-			pfd[0].fd = sp->fd;
-			pfd[0].events = POLLIN;
-			pfd[0].revents = 0;
-			i = poll(pfd, 1, params->session_linger);
-			if (i == 0) {
-				WSL(sp->wrk, SLT_Debug, sp->fd, "herding");
-				sp->wrk->stats.sess_herd++;
-				SES_Charge(sp);
-				sp->wrk = NULL;
-				vca_return_session(sp);
-				return (1);
-			}
-		}
-		i = HTC_Rx(sp->htc);
+	if (i == 0 && params->session_linger > 0) {
+		pfd[0].fd = sp->fd;
+		pfd[0].events = POLLIN;
+		pfd[0].revents = 0;
+		i = poll(pfd, 1, params->session_linger);
+		if (i)
+			i = HTC_Rx(sp->htc);
 	}
+	if (i == 0) {
+		WSL(sp->wrk, SLT_Debug, sp->fd, "herding");
+		sp->wrk->stats.sess_herd++;
+		SES_Charge(sp);
+		sp->wrk = NULL;
+		vca_return_session(sp);
+		return (1);
+	}
 	if (i == 1) {
 		sp->step = STP_START;
-	} else {
-		if (i == -2)
-			vca_close_session(sp, "overflow");
-		else if (i == -1 && Tlen(sp->htc->rxbuf) == 0 &&
-		    (errno == 0 || errno == ECONNRESET))
-			vca_close_session(sp, "EOF");
-		else
-			vca_close_session(sp, "error");
-		sp->step = STP_DONE;
+		return (0);
 	}
+	if (i == -2) {
+		vca_close_session(sp, "overflow");
+		return (0);
+	}
+	if (i == -1 && Tlen(sp->htc->rxbuf) == 0 &&
+	    (errno == 0 || errno == ECONNRESET))
+		vca_close_session(sp, "EOF");
+	else
+		vca_close_session(sp, "error");
+	sp->step = STP_DONE;
 	return (0);
 }
 



More information about the varnish-commit mailing list