Thanks Rémy! > On Jun 2, 2018, at 12:49 PM, Rémy Maucherat <r...@apache.org> wrote: > > On Sat, Jun 2, 2018 at 9:25 PM Alex Marchevskiy <a...@backblaze.com> wrote: > >> Hi Rémy, >> >> Thank you for your quick follow up to the issue posted by Adam. I have >> been reviewing the patch from r1832519 and it appears that if a connection >> is established and no bytes are sent, the socket remains open indefinitely >> waiting for the handshakeReadCompletionHandler to callback. Hence it would >> be possible for a malicious user to establish enough connections to match >> the OS file descriptor limit and prevent Tomcat from servicing any new >> connections simply by keeping the connections open and not sending any >> data. >> > > Ok, there were three read operations that did not have a timeout and that > is now fixed as well. However, the timeout is often "longish", so it won't > make such a big difference anyway and NIO2 is not supposed to operate with > any real connection limit. > > Rémy
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
