Changes with Apache 2.0.47
+ *) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
+ temporary denial of service when accept() on a rarely accessed port
+ returns certain errors. Reported by Saheed Akhtar
+ <S.Akhtar@talis.com>. [Jeff Trawick]
+
*) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
of service when target host is IPv6 but proxy server can't create
IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo
/* if we accept() something we don't want to die, so we have to
* defer the exit
*/
- for (;;) {
- status = listensocks[offset].accept_func(&csd,
- &listensocks[offset], ptrans);
+ status = listensocks[offset].accept_func(&csd,
+ &listensocks[offset], ptrans);
+ SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */
- if (status == APR_SUCCESS) {
- break;
- }
- if (status == APR_EGENERAL) {
- /* resource shortage or should-not-occur occured */
- clean_child_exit(1);
- }
- if (APR_STATUS_IS_EINTR(status) && one_process && shutdown_pending) {
- return;
- }
+ if (status == APR_EGENERAL) {
+ /* resource shortage or should-not-occur occured */
+ clean_child_exit(1);
+ }
+ else if (status != APR_SUCCESS) {
+ continue;
}
- SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */
/*
* We now have a connection, so set it up with the appropriate