… | |
… | |
278 | For example, a server accepting connections from untrusted sources should |
278 | For example, a server accepting connections from untrusted sources should |
279 | be configured to accept only so-and-so much data that it cannot act on |
279 | be configured to accept only so-and-so much data that it cannot act on |
280 | (for example, when expecting a line, an attacker could send an unlimited |
280 | (for example, when expecting a line, an attacker could send an unlimited |
281 | amount of data without a callback ever being called as long as the line |
281 | amount of data without a callback ever being called as long as the line |
282 | isn't finished). |
282 | isn't finished). |
|
|
283 | |
|
|
284 | =item wbuf_max => <bytes> |
|
|
285 | |
|
|
286 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
|
|
287 | when the write buffer ever (strictly) exceeds this size. This is useful to |
|
|
288 | avoid some forms of denial-of-service attacks. |
|
|
289 | |
|
|
290 | Although the units of this parameter is bytes, this is the I<raw> number |
|
|
291 | of bytes not yet accepted by the kernel. This can make a difference when |
|
|
292 | you e.g. use TLS, as TLS typically makes your write data larger (but it |
|
|
293 | can also make it smaller due to compression). |
|
|
294 | |
|
|
295 | As an example of when this limit is useful, take a chat server that sends |
|
|
296 | chat messages to a client. If the client does not read those in a timely |
|
|
297 | manner then the send buffer in the server would grow unbounded. |
283 | |
298 | |
284 | =item autocork => <boolean> |
299 | =item autocork => <boolean> |
285 | |
300 | |
286 | When disabled (the default), C<push_write> will try to immediately |
301 | When disabled (the default), C<push_write> will try to immediately |
287 | write the data to the handle if possible. This avoids having to register |
302 | write the data to the handle if possible. This avoids having to register |
… | |
… | |
740 | |
755 | |
741 | =item $handle->rbuf_max ($max_octets) |
756 | =item $handle->rbuf_max ($max_octets) |
742 | |
757 | |
743 | Configures the C<rbuf_max> setting (C<undef> disables it). |
758 | Configures the C<rbuf_max> setting (C<undef> disables it). |
744 | |
759 | |
|
|
760 | =item $handle->wbuf_max ($max_octets) |
|
|
761 | |
|
|
762 | Configures the C<wbuf_max> setting (C<undef> disables it). |
|
|
763 | |
745 | =cut |
764 | =cut |
746 | |
765 | |
747 | sub rbuf_max { |
766 | sub rbuf_max { |
748 | $_[0]{rbuf_max} = $_[1]; |
767 | $_[0]{rbuf_max} = $_[1]; |
|
|
768 | } |
|
|
769 | |
|
|
770 | sub rbuf_max { |
|
|
771 | $_[0]{wbuf_max} = $_[1]; |
749 | } |
772 | } |
750 | |
773 | |
751 | ############################################################################# |
774 | ############################################################################# |
752 | |
775 | |
753 | =item $handle->timeout ($seconds) |
776 | =item $handle->timeout ($seconds) |
… | |
… | |
873 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
896 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
874 | } |
897 | } |
875 | |
898 | |
876 | =item $handle->push_write ($data) |
899 | =item $handle->push_write ($data) |
877 | |
900 | |
878 | Queues the given scalar to be written. You can push as much data as you |
901 | Queues the given scalar to be written. You can push as much data as |
879 | want (only limited by the available memory), as C<AnyEvent::Handle> |
902 | you want (only limited by the available memory and C<wbuf_max>), as |
880 | buffers it independently of the kernel. |
903 | C<AnyEvent::Handle> buffers it independently of the kernel. |
881 | |
904 | |
882 | This method may invoke callbacks (and therefore the handle might be |
905 | This method may invoke callbacks (and therefore the handle might be |
883 | destroyed after it returns). |
906 | destroyed after it returns). |
884 | |
907 | |
885 | =cut |
908 | =cut |
… | |
… | |
913 | $cb->() unless $self->{autocork}; |
936 | $cb->() unless $self->{autocork}; |
914 | |
937 | |
915 | # if still data left in wbuf, we need to poll |
938 | # if still data left in wbuf, we need to poll |
916 | $self->{_ww} = AE::io $self->{fh}, 1, $cb |
939 | $self->{_ww} = AE::io $self->{fh}, 1, $cb |
917 | if length $self->{wbuf}; |
940 | if length $self->{wbuf}; |
|
|
941 | |
|
|
942 | if ( |
|
|
943 | defined $self->{wbuf_max} |
|
|
944 | && $self->{wbuf_max} < length $self->{wbuf} |
|
|
945 | ) { |
|
|
946 | $self->_error (Errno::ENOSPC, 1), return; |
|
|
947 | } |
918 | }; |
948 | }; |
919 | } |
949 | } |
920 | |
950 | |
921 | our %WH; |
951 | our %WH; |
922 | |
952 | |