[BUG] stream_sock: ensure orphan listeners don't accept too many connections
For listeners that are not bound to a frontend, the limit on the
number of accepted connections is tested at the end of the accept()
loop, but we don't break out of the loop, meaning that if more
connections than what the listener allows are available and if this
is less than the proxy's limits and within the size of a batch, then
they could be accepted. In practice, this problem currently cannot
appear since all listeners are bound to a frontend, and it's a very
minor issue anyway.
1.4 has the same issue (which cannot happen there either), but there
is some code after it, so it's the code cleanup which revealed it.
diff --git a/src/stream_sock.c b/src/stream_sock.c
index dc04d35..c5cd1e5 100644
--- a/src/stream_sock.c
+++ b/src/stream_sock.c
@@ -1293,6 +1293,7 @@
if (l->nbconn >= l->maxconn) {
EV_FD_CLR(l->fd, DIR_RD);
l->state = LI_FULL;
+ return 0;
}
} /* end of while (p->feconn < p->maxconn) */
return 0;