From: claudio <claudio@openbsd.org>
Date: Mon, 17 May 2021 10:47:07 +0000 (+0000)
Subject: Limit the number of concurrent RTR connects to 32.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7bb4de2baf795e02d078d2f3c9e0a03752b3de5d;p=openbsd

Limit the number of concurrent RTR connects to 32.
If the limit is hit the request will be dropped and the rtr process will
retry the connect after the retry timeout. Hopefully by then the number of
connections is down again.
OK deraadt@ benno@
---

diff --git a/usr.sbin/bgpd/bgpd.c b/usr.sbin/bgpd/bgpd.c
index d670e302cac..88427f5a1e9 100644
--- a/usr.sbin/bgpd/bgpd.c
+++ b/usr.sbin/bgpd/bgpd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bgpd.c,v 1.236 2021/05/11 07:57:24 claudio Exp $ */
+/*	$OpenBSD: bgpd.c,v 1.237 2021/05/17 10:47:07 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -74,6 +74,7 @@ struct connect_elm {
 TAILQ_HEAD( ,connect_elm)	connect_queue = \
 				    TAILQ_HEAD_INITIALIZER(connect_queue);
 u_int				connect_cnt;
+#define MAX_CONNECT_CNT		32
 
 void
 sighdlr(int sig)
@@ -1304,6 +1305,12 @@ bgpd_rtr_connect(struct rtr_config *r)
 	struct sockaddr *sa;
 	socklen_t len;
 
+	if (connect_cnt >= MAX_CONNECT_CNT) {
+		log_warnx("rtr %s: too many concurrent connection requests",
+		    r->descr);
+		return;
+	}
+
 	if ((ce = calloc(1, sizeof(*ce))) == NULL) {
 		log_warn("rtr %s", r->descr);
 		return;