mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Rukletsov <ruklet...@gmail.com>
Subject Review Request 61664: Libprocess: Added a timeout for send socket operation.
Date Tue, 15 Aug 2017 15:45:50 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61664/
-----------------------------------------------------------

Review request for mesos, Benno Evers, Benjamin Mahler, Jie Yu, and Vinod Kone.


Bugs: MESOS-7748
    https://issues.apache.org/jira/browse/MESOS-7748


Repository: mesos


Description
-------

Prior to this patch, a send socket operation can wait forever for
a send to complete. Clients that drop connections or stop reading
incoming data, aka "slow reader" attack, can eventually exhaust the
resources of a libprocess-based application and cause denial of
service or an OOM event.

This patch introduces an obligatory timeout for all send socket
operations, after which the stalled connection is dropped. The
timeout can be adjusted via the `LIBPROCESS_SOCKET_SEND_TIMEOUT`
environment variable.


Diffs
-----

  3rdparty/libprocess/src/process.cpp dcd9c6738816764aae066fe56cd5f468c98fc9bd 


Diff: https://reviews.apache.org/r/61664/diff/1/


Testing
-------

Manual testing with a rogue client.


Thanks,

Alexander Rukletsov


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message