[BUG] stream_sock: ensure orphan listeners don't accept too many connections

For listeners that are not bound to a frontend, the limit on the
number of accepted connections is tested at the end of the accept()
loop, but we don't break out of the loop, meaning that if more
connections than what the listener allows are available and if this
is less than the proxy's limits and within the size of a batch, then
they could be accepted. In practice, this problem currently cannot
appear since all listeners are bound to a frontend, and it's a very
minor issue anyway.

1.4 has the same issue (which cannot happen there either), but there
is some code after it, so it's the code cleanup which revealed it.

diff --git a/src/stream_sock.c b/src/stream_sock.c
index dc04d35b418c7cc64b951a1627013f3d671a10b0..c5cd1e5a883c5ac4969f1502f766da961dea979c 100644 (file)
--- a/src/stream_sock.c
+++ b/src/stream_sock.c
@@ -1293,6 +1293,7 @@ int stream_sock_accept(int fd)
                if (l->nbconn >= l->maxconn) {
                        EV_FD_CLR(l->fd, DIR_RD);
                        l->state = LI_FULL;
+                       return 0;
                }
        } /* end of while (p->feconn < p->maxconn) */
        return 0;