diff options
author | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2005-04-20 17:34:19 +0800 |
---|---|---|
committer | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2005-04-20 17:34:19 +0800 |
commit | eaa73de381ee283ff5e0da64ee49bfecddb21723 (patch) | |
tree | bff8d7eda27d9c2b138963f91cdb1b54c28ec923 /cacheserver | |
parent | 98d2b0e42f38b5fa8993ef1caf27aaebddfc5fb4 (diff) | |
download | pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar.gz pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar.bz2 pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar.lz pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar.xz pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.tar.zst pttbbs-eaa73de381ee283ff5e0da64ee49bfecddb21723.zip |
add NOFLOODING on utmpserver
git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@2701 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
Diffstat (limited to 'cacheserver')
-rw-r--r-- | cacheserver/utmpserver.c | 150 |
1 files changed, 110 insertions, 40 deletions
diff --git a/cacheserver/utmpserver.c b/cacheserver/utmpserver.c index 2fb3f7ab..05a5ccfd 100644 --- a/cacheserver/utmpserver.c +++ b/cacheserver/utmpserver.c @@ -9,6 +9,23 @@ struct { int reject[MAX_REJECT]; } utmp[USHM_SIZE]; +#ifdef NOFLOODING +#define MAXWAIT 1024 +#define FLUSHTIME (3600*6) + +struct { + time_t lasttime; + int count; +} flooding[MAX_USERS]; + +int nWaits, lastflushtime; +struct { + int uid; + int fd; + int index; +} waitqueue[MAXWAIT]; +#endif /* NOFLOODING */ + inline int countarray(int *s, int max) { int i; @@ -68,11 +85,70 @@ void initdata(int index) sizeof(int), qsort_intcompar); } +inline void syncutmp(int cfd) +{ + int nSynced = 0, i; + for( i = 0 ; i < USHM_SIZE ; ++i, ++nSynced ) + if( toread(cfd, &utmp[i].uid, sizeof(utmp[i].uid)) > 0 && + toread(cfd, utmp[i].friend, sizeof(utmp[i].friend)) > 0 && + toread(cfd, utmp[i].reject, sizeof(utmp[i].reject)) > 0 ){ + if( utmp[i].uid ) + initdata(i); + } + else + for( ; i < USHM_SIZE ; ++i ) + utmp[i].uid = 0; + close(cfd); + fprintf(stderr, "%d users synced\n", nSynced); +} + +void processlogin(int cfd, int uid, int index) +{ + if( toread(cfd, utmp[index].friend, sizeof(utmp[index].friend)) > 0 && + toread(cfd, utmp[index].reject, sizeof(utmp[index].reject)) > 0 ){ + /* 因為 logout 的時候並不會通知 utmpserver , 可能會查到一些 + 已經 logout 的帳號。所以不能只取 MAX_FRIEND 而要多取一些 */ +#define MAX_FS (2 * MAX_FRIEND) + int iu, nFrs, stat, rstat; + ocfs_t fs[MAX_FS]; + + utmp[index].uid = uid; + initdata(index); + + for( nFrs = iu = 0 ; iu < USHM_SIZE && nFrs < MAX_FS ; ++iu ) + if( iu != index && utmp[iu].uid ){ + if( (stat = set_friend_bit(index, iu)) ){ + rstat = reverse_friend_stat(stat); + fs[nFrs].index = iu; + fs[nFrs].uid = utmp[iu].uid; + fs[nFrs].friendstat = (stat << 24) + iu; + fs[nFrs].rfriendstat = (rstat << 24) + index; + ++nFrs; + } + } + + towrite(cfd, &fs, sizeof(ocfs_t) * nFrs); + } + close(cfd); +} + +#ifdef NOFLOODING +void flushwaitqueue(void) +{ + int i; + for( i = 0 ; i < nWaits ; ++i ) + processlogin(waitqueue[i].fd, waitqueue[i].uid, waitqueue[i].index); + lastflushtime = time(NULL); + nWaits = 0; + memset(flooding, 0, sizeof(flooding)); +} +#endif + /* XXX 具有被 DoS 的可能, 請用 firewall 之類擋起來 */ int main(int argc, char **argv) { struct sockaddr_in clientaddr; - int ch, port = 5120, sfd, cfd, len, index, i, uid; + int ch, port = 5120, sfd, cfd, len, index, uid; char *iface_ip = NULL; while( (ch = getopt(argc, argv, "p:i:h")) != -1 ) @@ -92,7 +168,15 @@ int main(int argc, char **argv) if( (sfd = tobind(iface_ip, port)) < 0 ) return 1; +#ifdef NOFLOODING + lastflushtime = time(NULL); +#endif while( 1 ){ +#ifdef NOFLOODING + if( lastflushtime < (time(NULL) - 1800) ) + flushwaitqueue(); +#endif + len = sizeof(clientaddr); if( (cfd = accept(sfd, (struct sockaddr *)&clientaddr, &len)) < 0 ){ if( errno != EINTR ) @@ -101,49 +185,35 @@ int main(int argc, char **argv) } toread(cfd, &index, sizeof(index)); if( index == -1 ){ - int nSynced = 0; - for( i = 0 ; i < USHM_SIZE ; ++i, ++nSynced ) - if( toread(cfd, &utmp[i].uid, sizeof(utmp[i].uid)) > 0 && - toread(cfd, utmp[i].friend, sizeof(utmp[i].friend)) > 0 && - toread(cfd, utmp[i].reject, sizeof(utmp[i].reject)) > 0 ){ - if( utmp[i].uid ) - initdata(i); - } - else - for( ; i < USHM_SIZE ; ++i ) - utmp[i].uid = 0; - close(cfd); - fprintf(stderr, "%d users synced\n", nSynced); + syncutmp(cfd); continue; } - if( toread(cfd, &uid, sizeof(uid)) > 0 && - toread(cfd, utmp[index].friend, sizeof(utmp[index].friend)) > 0 && - toread(cfd, utmp[index].reject, sizeof(utmp[index].reject)) > 0 ){ - /* 因為 logout 的時候並不會通知 utmpserver , 可能會查到一些 - 已經 logout 的帳號。所以不能只取 MAX_FRIEND 而要多取一些 */ -#define MAX_FS (2 * MAX_FRIEND) - int iu, nFrs, stat, rstat; - ocfs_t fs[MAX_FS]; - - utmp[index].uid = uid; - initdata(index); - - for( nFrs = iu = 0 ; iu < USHM_SIZE && nFrs < MAX_FS ; ++iu ) - if( iu != index && utmp[iu].uid ){ - if( (stat = set_friend_bit(index, iu)) ){ - rstat = reverse_friend_stat(stat); - fs[nFrs].index = iu; - fs[nFrs].uid = utmp[iu].uid; - fs[nFrs].friendstat = (stat << 24) + iu; - fs[nFrs].rfriendstat = (rstat << 24) + index; - ++nFrs; - } - } - - towrite(cfd, &fs, sizeof(ocfs_t) * nFrs); + if( toread(cfd, &uid, sizeof(uid)) > 0 ){ + if( !(0 < uid || uid > MAX_USERS) ){ /* for safety */ + close(cfd); + continue; + } + +#ifdef NOFLOODING + if( (time(NULL) - flooding[uid].lasttime) < 20 ) + ++flooding[uid].count; + if( flooding[uid].count > 10 ){ + if( nWaits == MAXWAIT ) + flushwaitqueue(); + waitqueue[nWaits].uid = uid; + waitqueue[nWaits].index = index; + waitqueue[nWaits].fd = cfd; + ++nWaits; + + continue; + } + flooding[uid].lasttime = time(NULL); +#endif + + /* cfd will be closed in processlogin() */ + processlogin(cfd, uid, index); } - close(cfd); } return 0; } |