| … | |
… | |
| 278 | For example, a server accepting connections from untrusted sources should |
278 | For example, a server accepting connections from untrusted sources should |
| 279 | be configured to accept only so-and-so much data that it cannot act on |
279 | be configured to accept only so-and-so much data that it cannot act on |
| 280 | (for example, when expecting a line, an attacker could send an unlimited |
280 | (for example, when expecting a line, an attacker could send an unlimited |
| 281 | amount of data without a callback ever being called as long as the line |
281 | amount of data without a callback ever being called as long as the line |
| 282 | isn't finished). |
282 | isn't finished). |
|
|
283 | |
|
|
284 | =item wbuf_max => <bytes> |
|
|
285 | |
|
|
286 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
|
|
287 | when the write buffer ever (strictly) exceeds this size. This is useful to |
|
|
288 | avoid some forms of denial-of-service attacks. |
|
|
289 | |
|
|
290 | Although the units of this parameter is bytes, this is the I<raw> number |
|
|
291 | of bytes not yet accepted by the kernel. This can make a difference when |
|
|
292 | you e.g. use TLS, as TLS typically makes your write data larger (but it |
|
|
293 | can also make it smaller due to compression). |
|
|
294 | |
|
|
295 | As an example of when this limit is useful, take a chat server that sends |
|
|
296 | chat messages to a client. If the client does not read those in a timely |
|
|
297 | manner then the send buffer in the server would grow unbounded. |
| 283 | |
298 | |
| 284 | =item autocork => <boolean> |
299 | =item autocork => <boolean> |
| 285 | |
300 | |
| 286 | When disabled (the default), C<push_write> will try to immediately |
301 | When disabled (the default), C<push_write> will try to immediately |
| 287 | write the data to the handle if possible. This avoids having to register |
302 | write the data to the handle if possible. This avoids having to register |
| … | |
… | |
| 740 | |
755 | |
| 741 | =item $handle->rbuf_max ($max_octets) |
756 | =item $handle->rbuf_max ($max_octets) |
| 742 | |
757 | |
| 743 | Configures the C<rbuf_max> setting (C<undef> disables it). |
758 | Configures the C<rbuf_max> setting (C<undef> disables it). |
| 744 | |
759 | |
|
|
760 | =item $handle->wbuf_max ($max_octets) |
|
|
761 | |
|
|
762 | Configures the C<wbuf_max> setting (C<undef> disables it). |
|
|
763 | |
| 745 | =cut |
764 | =cut |
| 746 | |
765 | |
| 747 | sub rbuf_max { |
766 | sub rbuf_max { |
| 748 | $_[0]{rbuf_max} = $_[1]; |
767 | $_[0]{rbuf_max} = $_[1]; |
|
|
768 | } |
|
|
769 | |
|
|
770 | sub rbuf_max { |
|
|
771 | $_[0]{wbuf_max} = $_[1]; |
| 749 | } |
772 | } |
| 750 | |
773 | |
| 751 | ############################################################################# |
774 | ############################################################################# |
| 752 | |
775 | |
| 753 | =item $handle->timeout ($seconds) |
776 | =item $handle->timeout ($seconds) |
| … | |
… | |
| 873 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
896 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
| 874 | } |
897 | } |
| 875 | |
898 | |
| 876 | =item $handle->push_write ($data) |
899 | =item $handle->push_write ($data) |
| 877 | |
900 | |
| 878 | Queues the given scalar to be written. You can push as much data as you |
901 | Queues the given scalar to be written. You can push as much data as |
| 879 | want (only limited by the available memory), as C<AnyEvent::Handle> |
902 | you want (only limited by the available memory and C<wbuf_max>), as |
| 880 | buffers it independently of the kernel. |
903 | C<AnyEvent::Handle> buffers it independently of the kernel. |
| 881 | |
904 | |
| 882 | This method may invoke callbacks (and therefore the handle might be |
905 | This method may invoke callbacks (and therefore the handle might be |
| 883 | destroyed after it returns). |
906 | destroyed after it returns). |
| 884 | |
907 | |
| 885 | =cut |
908 | =cut |
| … | |
… | |
| 913 | $cb->() unless $self->{autocork}; |
936 | $cb->() unless $self->{autocork}; |
| 914 | |
937 | |
| 915 | # if still data left in wbuf, we need to poll |
938 | # if still data left in wbuf, we need to poll |
| 916 | $self->{_ww} = AE::io $self->{fh}, 1, $cb |
939 | $self->{_ww} = AE::io $self->{fh}, 1, $cb |
| 917 | if length $self->{wbuf}; |
940 | if length $self->{wbuf}; |
|
|
941 | |
|
|
942 | if ( |
|
|
943 | defined $self->{wbuf_max} |
|
|
944 | && $self->{wbuf_max} < length $self->{wbuf} |
|
|
945 | ) { |
|
|
946 | $self->_error (Errno::ENOSPC, 1), return; |
|
|
947 | } |
| 918 | }; |
948 | }; |
| 919 | } |
949 | } |
| 920 | |
950 | |
| 921 | our %WH; |
951 | our %WH; |
| 922 | |
952 | |
