author | Russ Allbery <rra@stanford.edu> | 2012-02-18 18:03:54 -0800 |
---|---|---|
committer | Russ Allbery <rra@stanford.edu> | 2012-02-18 18:03:54 -0800 |
commit | f7a051250bac985d971c14305544ec091bd016e6 (patch) | |
tree | faed9a823e9022e5babf6cb1319d8e76dd8a8eac /server | |
parent | e16d04ffb9ad7ac8ce0c3ebf5e604e507830ac54 (diff) |
Use timeout support for all network operations
Add timeout support to the token functions. Adjust all callers
accordingly. Use a one hour timeout for all server network calls.
Add the data and hook for setting a client timeout, although currently
there's no way to set it.
Change-Id: Ife4c6cd1b4fbc94623b82bd85e17a0d9a3919fb4
Diffstat (limited to 'server')
-rw-r--r-- | server/generic.c | 10 | ||||
-rw-r--r-- | server/internal.h | 8 | ||||
-rw-r--r-- | server/server-v1.c | 6 | ||||
-rw-r--r-- | server/server-v2.c | 19 |
4 files changed, 28 insertions, 15 deletions
diff --git a/server/generic.c b/server/generic.c
index 7477aa7..9c77d93 100644
--- a/server/generic.c
+++ b/server/generic.c
@@ -6,7 +6,7 @@
 *
 * Written by Russ Allbery <rra@stanford.edu>
 * Based on work by Anton Ushakov
- * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
+ * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012
 * The Board of Trustees of the Leland Stanford Junior University
 *
 * See LICENSE for licensing terms.
@@ -83,7 +83,8 @@ server_new_client(int fd, gss_cred_id_t creds)
 free(buffer);
 /* Accept the initial (worthless) token. */
- status = token_recv(client->fd, &flags, &recv_tok, TOKEN_MAX_LENGTH);
+ status = token_recv(client->fd, &flags, &recv_tok, TOKEN_MAX_LENGTH,
+ TIMEOUT);
 if (status != TOKEN_OK) {
 warn_token("receiving initial token", status, major, minor);
 goto fail;
@@ -100,7 +101,8 @@ server_new_client(int fd, gss_cred_id_t creds)
 /* Now, do the real work of negotiating the context. */
 do {
- status = token_recv(client->fd, &flags, &recv_tok, TOKEN_MAX_LENGTH);
+ status = token_recv(client->fd, &flags, &recv_tok, TOKEN_MAX_LENGTH,
+ TIMEOUT);
 if (status != TOKEN_OK) {
 warn_token("receiving context token", status, major, minor);
 goto fail;
@@ -126,7 +128,7 @@ server_new_client(int fd, gss_cred_id_t creds)
 flags = TOKEN_CONTEXT;
 if (client->protocol > 1)
 flags |= TOKEN_PROTOCOL;
- status = token_send(client->fd, flags, &send_tok);
+ status = token_send(client->fd, flags, &send_tok, TIMEOUT);
 if (status != TOKEN_OK) {
 warn_token("sending context token", status, major, minor);
 gss_release_buffer(&minor, &send_tok);
diff --git a/server/internal.h b/server/internal.h
index 73419f2..8a48fb4 100644
--- a/server/internal.h
+++ b/server/internal.h
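Review bot: The two `token_recv` calls in server_new_client (the initial-token read at -83 and the one inside the `do` loop at -100) appear, going by the comments, to run before the security context is negotiated, so passing the general `TIMEOUT` gives a peer that has not yet authenticated up to an hour per token. The limit is applied per call, so the negotiation loop as a whole has no upper bound as long as each token arrives in time. A much shorter handshake constant, for example `#define HANDSHAKE_TIMEOUT 60` (name and value are suggestions, not from the project), together with a deadline checked across loop iterations, would stop idle unauthenticated connections from holding server resources. The function body starts and ends outside these hunks.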
@@ -2,7 +2,7 @@
 * Internal support functions for the remctld daemon.
 *
 * Written by Russ Allbery <rra@stanford.edu>
- * Copyright 2006, 2007, 2008, 2009, 2010
+ * Copyright 2006, 2007, 2008, 2009, 2010, 2012
 * The Board of Trustees of the Leland Stanford Junior University
 *
 * See LICENSE for licensing terms.
@@ -33,6 +33,12 @@ struct iovec;
 */
 #define MAXCMDARGS (4 * 1024)
+/*
+ * The timeout. We won't wait for longer than this number of seconds for more
+ * data from the client. This needs to be configurable.
+ */
+#define TIMEOUT (60 * 60)
+
 /* Holds the information about a client connection. */
 struct client {
 int fd; /* File descriptor of client connection. */
diff --git a/server/server-v1.c b/server/server-v1.c
index 27b9169..d52b781 100644
--- a/server/server-v1.c
+++ b/server/server-v1.c
@@ -7,7 +7,7 @@
 *
 * Written by Russ Allbery <rra@stanford.edu>
 * Based on work by Anton Ushakov
- * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
+ * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012
 * The Board of Trustees of the Leland Stanford Junior University
 *
 * See LICENSE for licensing terms.
@@ -54,7 +54,7 @@ server_v1_send_output(struct client *client, int exit_status)
 /* Send the token. */
 status = token_send_priv(client->fd, client->context, TOKEN_DATA, &token,
- &major, &minor);
+ TIMEOUT, &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending output token", status, major, minor);
 free(token.value);
@@ -80,7 +80,7 @@ server_v1_handle_messages(struct client *client, struct config *config)
 /* Receive the message. */
 status = token_recv_priv(client->fd, client->context, &flags, &token,
- TOKEN_MAX_LENGTH, &major, &minor);
+ TOKEN_MAX_LENGTH, TIMEOUT, &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("receiving command token", status, major, minor);
 if (status == TOKEN_FAIL_LARGE)
diff --git a/server/server-v2.c b/server/server-v2.c
index 0a5151a..a058916 100644
--- a/server/server-v2.c
+++ b/server/server-v2.c
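Review bot: The comment added above `#define TIMEOUT` in server/internal.h describes only waiting for data from the client, but the other files in this commit pass the same value to `token_send` and `token_send_priv` as well. It also bounds each individual call rather than the connection as a whole, which the comment does not say. The bare name `TIMEOUT` is easy to collide with in a header shared across the server sources, so a project-prefixed name would be safer. I would document it as `/* Seconds to wait on any single token send or receive; applied per call, not per connection. */`.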
@@ -5,7 +5,7 @@
 *
 * Written by Russ Allbery <rra@stanford.edu>
 * Based on work by Anton Ushakov
- * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
+ * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012
 * The Board of Trustees of the Leland Stanford Junior University
 *
 * See LICENSE for licensing terms.
@@ -59,7 +59,8 @@ server_v2_send_output(struct client *client, int stream)
 /* Send the token. */
 status = token_send_priv(client->fd, client->context,
- TOKEN_DATA | TOKEN_PROTOCOL, &token, &major, &minor);
+ TOKEN_DATA | TOKEN_PROTOCOL, &token, TIMEOUT,
+ &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending output token", status, major, minor);
 free(token.value);
@@ -93,7 +94,8 @@ server_v2_send_status(struct client *client, int exit_status)
 /* Send the token. */
 status = token_send_priv(client->fd, client->context,
- TOKEN_DATA | TOKEN_PROTOCOL, &token, &major, &minor);
+ TOKEN_DATA | TOKEN_PROTOCOL, &token, TIMEOUT,
+ &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending status token", status, major, minor);
 client->fatal = true;
@@ -135,7 +137,8 @@ server_v2_send_error(struct client *client, enum error_codes code,
 /* Send the token. */
 status = token_send_priv(client->fd, client->context,
- TOKEN_DATA | TOKEN_PROTOCOL, &token, &major, &minor);
+ TOKEN_DATA | TOKEN_PROTOCOL, &token, TIMEOUT,
+ &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending error token", status, major, minor);
 free(token.value);
@@ -169,7 +172,8 @@ server_v2_send_version(struct client *client)
 /* Send the token. */
 status = token_send_priv(client->fd, client->context,
- TOKEN_DATA | TOKEN_PROTOCOL, &token, &major, &minor);
+ TOKEN_DATA | TOKEN_PROTOCOL, &token, TIMEOUT,
+ &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending version token", status, major, minor);
 client->fatal = true;
@@ -200,7 +204,8 @@ server_v3_send_noop(struct client *client)
 /* Send the token. */
 status = token_send_priv(client->fd, client->context,
- TOKEN_DATA | TOKEN_PROTOCOL, &token, &major, &minor);
+ TOKEN_DATA | TOKEN_PROTOCOL, &token, TIMEOUT,
+ &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("sending no-op token", status, major, minor);
 client->fatal = true;
@@ -223,7 +228,7 @@ server_v2_read_token(struct client *client, gss_buffer_t token)
 int status, flags;
 status = token_recv_priv(client->fd, client->context, &flags, token,
- TOKEN_MAX_LENGTH, &major, &minor);
+ TOKEN_MAX_LENGTH, TIMEOUT, &major, &minor);
 if (status != TOKEN_OK) {
 warn_token("receiving token", status, major, minor);
 if (status != TOKEN_FAIL_EOF) |
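Review bot: The error branch after `token_recv_priv` in server_v2_read_token special-cases only `TOKEN_FAIL_EOF`, so a receive that fails because the new timeout expired presumably takes the same path as any other failure. That path lies outside the hunk; if it sends an error reply, the reply goes to a peer that has already stopped responding and can itself block for another full `TIMEOUT`. Handling the timeout status like EOF (log and close without replying) would avoid that second wait. The same check is worth making in server_v1_handle_messages, where only `TOKEN_FAIL_LARGE` is special-cased.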