- Ditch the pathetic "and security holes fixed" "feature" which should

[privoxy.git] / jbsockets.c

diff --git a/jbsockets.c b/jbsockets.c
index 4925b7f..6f66e1c 100644 (file)
--- a/jbsockets.c
+++ b/jbsockets.c
@@ -1,4 +1,4 @@
-const char jbsockets_rcs[] = "$Id: jbsockets.c,v 1.41 2006/11/13 19:05:51 fabiankeil Exp $";
+const char jbsockets_rcs[] = "$Id: jbsockets.c,v 1.44 2007/09/15 13:01:31 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jbsockets.c,v $
@@ -35,6 +35,22 @@ const char jbsockets_rcs[] = "$Id: jbsockets.c,v 1.41 2006/11/13 19:05:51 fabian
  *
  * Revisions   :
  *    $Log: jbsockets.c,v $
+ *    Revision 1.44  2007/09/15 13:01:31  fabiankeil
+ *    Increase listen() backlog to SOMAXCONN (or 128) to decrease
+ *    chances of dropped connections under load. Problem reported
+ *    and fix suggested by nobody in BR#1795281.
+ *
+ *    Revision 1.43  2007/06/01 18:16:36  fabiankeil
+ *    Use the same mutex for gethostbyname() and gethostbyaddr() to prevent
+ *    deadlocks and crashes on OpenBSD and possibly other OS with neither
+ *    gethostbyname_r() nor gethostaddr_r(). Closes BR#1729174.
+ *    Thanks to Ralf Horstmann for report and solution.
+ *
+ *    Revision 1.42  2007/04/01 17:37:07  fabiankeil
+ *    - Add DNS retries for Solaris and other systems
+ *      whose gethostbyname_r version takes five arguments.
+ *    - Move maximum number of DNS retries into a macro.
+ *
  *    Revision 1.41  2006/11/13 19:05:51  fabiankeil
  *    Make pthread mutex locking more generic. Instead of
  *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
@@ -295,6 +311,9 @@ const char jbsockets_h_rcs[] = JBSOCKETS_H_VERSION;
  */
 #define MAX_DNS_RETRIES 10
 
+#define MAX_LISTEN_BACKLOG 128
+
+
 /*********************************************************************
  *
  * Function    :  connect_to
@@ -642,7 +661,7 @@ int bind_port(const char *hostnam, int portnum, jb_socket *pfd)
     * duplicate instances of Privoxy from being caught.
     *
     * On UNIX, we assume the user is sensible enough not
-    * to start Junkbuster multiple times on the same IP.
+    * to start Privoxy multiple times on the same IP.
     * Without this, stopping and restarting Privoxy
     * from a script fails.
     * Note: SO_REUSEADDR is meant to only take over
@@ -671,7 +690,7 @@ int bind_port(const char *hostnam, int portnum, jb_socket *pfd)
       }
    }
 
-   while (listen(fd, 5) == -1)
+   while (listen(fd, MAX_LISTEN_BACKLOG) == -1)
    {
       if (errno != EINTR)
       {
@@ -769,10 +788,10 @@ int accept_connection(struct client_state * csp, jb_socket fd)
          host = NULL;
       }
 #elif FEATURE_PTHREAD
-      pthread_mutex_lock(&gethostbyaddr_mutex);
+      pthread_mutex_lock(&resolver_mutex);
       host = gethostbyaddr((const char *)&server.sin_addr, 
                            sizeof(server.sin_addr), AF_INET);
-      pthread_mutex_unlock(&gethostbyaddr_mutex);
+      pthread_mutex_unlock(&resolver_mutex);
 #else
       host = gethostbyaddr((const char *)&server.sin_addr, 
                            sizeof(server.sin_addr), AF_INET);
@@ -865,7 +884,7 @@ unsigned long resolve_hostname_to_ip(const char *host)
          hostp = NULL;
       }
 #elif FEATURE_PTHREAD
-      pthread_mutex_lock(&gethostbyname_mutex);
+      pthread_mutex_lock(&resolver_mutex);
       while (NULL == (hostp = gethostbyname(host))
              && (h_errno == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))
       {   
@@ -873,7 +892,7 @@ unsigned long resolve_hostname_to_ip(const char *host)
             "Timeout #%u while trying to resolve %s. Trying again.",
             dns_retries, host);
       }
-      pthread_mutex_unlock(&gethostbyname_mutex);
+      pthread_mutex_unlock(&resolver_mutex);
 #else
       while (NULL == (hostp = gethostbyname(host))
              && (h_errno == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))