1 |
swegener 14/06/29 18:18:56 |
2 |
|
3 |
Added: pdns-recursor-3.3-fdlimit.patch |
4 |
Log: |
5 |
Include bugfix for security bug #514946. |
6 |
|
7 |
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0x64D4CF24) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: pdns-recursor-3.3-fdlimit.patch |
16 |
=================================================================== |
17 |
--- pdns-recursor-3.3/misc.cc |
18 |
+++ pdns-recursor-3.3/misc.cc |
19 |
@@ -22,6 +22,7 @@ |
20 |
#include <netdb.h> |
21 |
#include <sys/time.h> |
22 |
#include <time.h> |
23 |
+#include <sys/resource.h> |
24 |
#include <netinet/in.h> |
25 |
#include <unistd.h> |
26 |
#endif // WIN32 |
27 |
@@ -697,3 +698,22 @@ |
28 |
} while(!strchr(buffer, '\n')); |
29 |
return true; |
30 |
} |
31 |
+ |
32 |
+unsigned int getFilenumLimit(bool hardOrSoft) |
33 |
+{ |
34 |
+ struct rlimit rlim; |
35 |
+ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0) |
36 |
+ unixDie("Requesting number of available file descriptors"); |
37 |
+ return hardOrSoft ? rlim.rlim_max : rlim.rlim_cur; |
38 |
+} |
39 |
+ |
40 |
+void setFilenumLimit(unsigned int lim) |
41 |
+{ |
42 |
+ struct rlimit rlim; |
43 |
+ |
44 |
+ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0) |
45 |
+ unixDie("Requesting number of available file descriptors"); |
46 |
+ rlim.rlim_cur=lim; |
47 |
+ if(setrlimit(RLIMIT_NOFILE, &rlim) < 0) |
48 |
+ unixDie("Setting number of available file descriptors"); |
49 |
+} |
50 |
--- pdns-recursor-3.3/misc.hh |
51 |
+++ pdns-recursor-3.3/misc.hh |
52 |
@@ -445,4 +445,7 @@ |
53 |
std::string dotConcat(const std::string& a, const std::string &b); |
54 |
int makeIPv6sockaddr(const std::string& addr, struct sockaddr_in6* ret); |
55 |
bool stringfgets(FILE* fp, std::string& line); |
56 |
+ |
57 |
+unsigned int getFilenumLimit(bool hardOrSoft=0); |
58 |
+void setFilenumLimit(unsigned int lim); |
59 |
#endif |
60 |
--- pdns-recursor-3.3/pdns_recursor.cc |
61 |
+++ pdns-recursor-3.3/pdns_recursor.cc |
62 |
@@ -1740,7 +1740,21 @@ |
63 |
|
64 |
g_tcpTimeout=::arg().asNum("client-tcp-timeout"); |
65 |
g_maxTCPPerClient=::arg().asNum("max-tcp-per-client"); |
66 |
- g_maxMThreads=::arg().asNum("max-mthreads"); |
67 |
+ g_maxMThreads=::arg().asNum("max-mthreads"); |
68 |
+ unsigned int availFDs=getFilenumLimit(); |
69 |
+ if(g_maxMThreads * g_numThreads > availFDs) { |
70 |
+ if(getFilenumLimit(true) >= g_maxMThreads * g_numThreads) { |
71 |
+ setFilenumLimit(g_maxMThreads * g_numThreads); |
72 |
+ L<<Logger::Warning<<"Raised soft limit on number of filedescriptors to "<<g_maxMThreads * g_numThreads<<" to match max-mthreads and threads settings"<<endl; |
73 |
+ } |
74 |
+ else { |
75 |
+ int newval = getFilenumLimit(true) / g_numThreads; |
76 |
+ L<<Logger::Warning<<"Insufficient number of filedescriptors available for max-mthreads*threads setting! ("<<availFDs<<" < "<<g_maxMThreads*g_numThreads<<"), reducing max-mthreads to "<<newval<<endl; |
77 |
+ g_maxMThreads = newval; |
78 |
+ } |
79 |
+ |
80 |
+ |
81 |
+ } |
82 |
|
83 |
if(g_numThreads == 1) { |
84 |
L<<Logger::Warning<<"Operating unthreaded"<<endl; |