On Tue, Oct 5, 2010 at 19:11, Alan T DeKok <al...@freeradius.org> wrote: > Magnus Hagander wrote: >> Actually, nevermind that one. Here's a patch I worked up from your >> description, and that turns out to be fairly similar to yours in what >> it does I think - except I'm not rearranging the code into a separate >> function. We already have a while-loop. > > Thanks. The only comment I have is that the hard-code 100000 could be > USECS_PER_SEC.
That's hardcoded elsewhere in the backend though, and we've not used USECS_PER_SEC anywhere else. So for consistency.. >> See attached context diff, and I've also included a diff without >> whitespace changes since the majority of the diff is otherwise coming >> from indenting the code one tab... >> >> (so far untested, I seem to have deleted my test-instance of the >> radius server, but I figured I should post my attempt anyway) > > I can set up a test server if you want. Nah, I should get mine back up. If you can test the complete patch in your environment (particularly if you already have a "bad packet injector" that you know creates the issue on 9.0), that would be great though. >> Also, my patch does not change from log to warning - note that warning >> is actually *below* log when it comes to the logfile (see >> log_min_messages comments in postgresql.conf). I keep making that >> mistake myself... > > OK. My only interest there was to ensure that a DoS attack wouldn't > result in the log being flooded with "invalid packet" messages. Uh, how exactly does your patch prevent that? -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
