Log to syslog when auth_timeout drops an incomplete connection

This is a symptom of either a denial of service attack, or a serious performance problem. Either way, sysadmins should know. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=86431
author: Simon McVittie <simon.mcvittie@collabora.co.uk> 2014-11-18 12:01:44 +0000
committer: Simon McVittie <simon.mcvittie@collabora.co.uk> 2014-11-22 10:49:21 +0000
commit: 29c64424d174a20449846479e7eeaa87821d78be (patch)
tree: 05e019a0e804fc892f36096c69e15c1e748eb209 /bus
parent: 34e5fdee4e5e43b8563e6e02b8bdc94c083b2f47 (diff)
download: dbus-29c64424d174a20449846479e7eeaa87821d78be.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/bus/connection.c b/bus/connection.c
index 519122c5..7107434f 100644
--- a/bus/connection.c
+++ b/bus/connection.c
@@ -860,6 +860,14 @@ bus_connections_expire_incomplete (BusConnections *connections)
 
           if (elapsed >= (double) auth_timeout)
             {
+              /* Unfortunately, we can't identify the connection: it doesn't
+               * have a unique name yet, we don't know its uid/pid yet,
+               * and so on. */
+              bus_context_log (connections->context, DBUS_SYSTEM_LOG_INFO,
+                  "Connection has not authenticated soon enough, closing it "
+                  "(auth_timeout=%dms, elapsed: %.0fms)",
+                  auth_timeout, elapsed);
+
               _dbus_verbose ("Timing out authentication for connection %p\n", connection);
               dbus_connection_close (connection);
             }
author	Simon McVittie <simon.mcvittie@collabora.co.uk>	2014-11-18 12:01:44 +0000
committer	Simon McVittie <simon.mcvittie@collabora.co.uk>	2014-11-22 10:49:21 +0000
commit	29c64424d174a20449846479e7eeaa87821d78be (patch)
tree	05e019a0e804fc892f36096c69e15c1e748eb209 /bus
parent	34e5fdee4e5e43b8563e6e02b8bdc94c083b2f47 (diff)
download	dbus-29c64424d174a20449846479e7eeaa87821d78be.tar.gz