Delay before silently closing the socket, removes an obvious DOS vector.bug21239

author: Simon MacMullen <simon@rabbitmq.com> 2010-05-19 16:04:06 +0100
committer: Simon MacMullen <simon@rabbitmq.com> 2010-05-19 16:04:06 +0100
commit: 21ed6f3bbcff2da929feb4ef7146f0ecbb9718fd (patch)
tree: 8fecc7536e7d713bc812a746866b3f5b6c897fcf
parent: 1112e5b539211ada3afff85d2d429fd155baa55e (diff)
download: rabbitmq-server-bug21239.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/rabbit_reader.erl b/src/rabbit_reader.erl
index 5cf519b7..cd6608ca 100644
--- a/src/rabbit_reader.erl
+++ b/src/rabbit_reader.erl
@@ -52,6 +52,7 @@
 -define(NORMAL_TIMEOUT, 3).
 -define(CLOSING_TIMEOUT, 1).
 -define(CHANNEL_TERMINATION_TIMEOUT, 3).
+-define(SLEEP_BEFORE_SILENT_CLOSE, 3000).
 
 %---------------------------------------------------------------------------
 
@@ -575,7 +576,11 @@ handle_method0(MethodName, FieldsBin, State) ->
                              end,
             case State#v1.connection_state of
                 running -> send_exception(State, 0, CompleteReason);
-                Other   -> throw({channel0_error, Other, CompleteReason})
+                %% We don't trust the client at this point - force them to wait
+                %% for a bit so they can't DOS us with repeated failed logins
+                %% etc.
+                Other   -> timer:sleep(?SLEEP_BEFORE_SILENT_CLOSE),
+                           throw({channel0_error, Other, CompleteReason})
             end
     end.
author	Simon MacMullen <simon@rabbitmq.com>	2010-05-19 16:04:06 +0100
committer	Simon MacMullen <simon@rabbitmq.com>	2010-05-19 16:04:06 +0100
commit	21ed6f3bbcff2da929feb4ef7146f0ecbb9718fd (patch)
tree	8fecc7536e7d713bc812a746866b3f5b6c897fcf
parent	1112e5b539211ada3afff85d2d429fd155baa55e (diff)
download	rabbitmq-server-bug21239.tar.gz