Win32: Emulate the blocking send/recv calls that were called in these functions

when the timeout was set to 0. This is a bit of a hack but it is an improvement
over the original code. A better fix would involve making too many other changes
to the server that I would prefer not to make in the 1.3 tree.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93572 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/main/buff.c b/src/main/buff.c
index 189e074af4affa61662f83ff978a01626ec45535..2062d35b1324aa6fcd6f8fe3b46a7eb9d7790b52 100644 (file)
--- a/src/main/buff.c
+++ b/src/main/buff.c
@@ -139,6 +139,17 @@ API_EXPORT(int) ap_sendwithtimeout(int sock, const char *buf, int len, int flags
 
     tv.tv_sec = ap_check_alarm();
 
+    /* If ap_sendwithtimeout is called with an invalid timeout
+     * set a default timeout of 300 seconds. This hack is needed
+     * to emulate the non-blocking send() that was removed in 
+     * the previous patch to this function. Network servers
+     * should never make network i/o calls w/o setting a timeout.
+     * (doing otherwise opens a DoS attack exposure)
+     */
+    if (tv.tv_sec <= 0) {
+        tv.tv_sec = 300;
+    }
+
     rv = ioctlsocket(sock, FIONBIO, (u_long*)&iostate);
     iostate = 0;
     if (rv) {
@@ -205,6 +216,17 @@ API_EXPORT(int) ap_recvwithtimeout(int sock, char *buf, int len, int flags)
 
     tv.tv_sec = ap_check_alarm();
 
+    /* If ap_recvwithtimeout is called with an invalid timeout
+     * set a default timeout of 300 seconds. This hack is needed
+     * to emulate the non-blocking recv() that was removed in 
+     * the previous patch to this function. Network servers
+     * should never make network i/o calls w/o setting a timeout.
+     * (doing otherwise opens a DoS attack exposure)
+     */
+    if (tv.tv_sec <= 0) {
+        tv.tv_sec = 300;
+    }
+
     rv = ioctlsocket(sock, FIONBIO, (u_long*)&iostate);
     iostate = 0;
     ap_assert(!rv);