[jira] [Commented] (THRIFT-3957) TConnectedClient does not disconnect from clients when their timeout is reached.

Thu, 03 Nov 2016 13:38:21 -0700 

    [ 
https://issues.apache.org/jira/browse/THRIFT-3957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15634173#comment-15634173
 ] 

James E. King, III commented on THRIFT-3957:
--------------------------------------------

Okay, I fixed up the pull request that's outstanding.  Sadly, the documentation 
on TSocket.h isn't very descriptive about setting the timeout and the 
implications of such.  I've seen looping code in TSocket that revolves around 
TIMED_OUT however my guess is that it existed in the past to attempt to give 
the socket thread(s) a chance to unblock from a poll, select, or recv call and 
check to see if the server has been stopped.  That's no longer needed since 
0.9.3 because of the interruptable socket implementation, so this change works 
for me.  The code that was in TConnectedClient was pulled from the three 
different server implementations and I believe all of them used to ignore 
TIMED_OUT so this could cause a behavioral difference in future versions that 
folks may not expect, however it is "more correct".

> TConnectedClient does not disconnect from clients when their timeout is 
> reached.
> --------------------------------------------------------------------------------
>
>                 Key: THRIFT-3957
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3957
>             Project: Thrift
>          Issue Type: Bug
>          Components: C++ - Library
>    Affects Versions: 0.9.3, 0.10.0
>            Reporter: Claudius Heine
>            Assignee: James E. King, III
>         Attachments: 
> 0001-cpp-TestServer-removed-while-loop-and-added-connecti.patch, 
> 0002-cpp-server-TConnectedClient-Timeouts-are-disconnecti.patch
>
>
> When starting the TestServer with the first appended patch:
> {code}
> bin/TestServer --protocol=json --transport=http --server-type=thread-pool 
> --port=9080
> {code}
> And connecting to it with this shell command:
> {code}
> wget --post-data='[' http://localhost:9080
> {code}
> The connection stays up for a long time. Making DOS attacks very easy, 
> because at some point the server runs out of available client connections.
> The second appended patch fixes the issue in TConnectedClient.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to