Commit 950306fc authored by Linus Nordberg's avatar Linus Nordberg

Use a listen(2) backlog of 128.

There's a chance that incoming (legitimate) connections arrive faster
than what it takes to spawn a new thread and get back to
listen(). Therefore we should ask the stack to queue at least one
entry, i.e. use a backlog value of at least 1. There's arguable also a
chance of more than two concurrent incoming connections, which would
make a case for a backlog value greater than one.

A reasonable high value seems to be 128, which also is what SOMAXCONN
is on many unix systems. In the choice between 1 and 128, an argument
against the higher value is that it may mask the potential problem of
spending a long time serving incoming connections.

Being reasonably confident that radsecproxy is efficient when it comes
to serving incoming connections, by handing them off to a newly
spawned thread, I think that 128 is a fine choice.

Closes RADSECPROXY-72.
parent 3c321320
2017-10-?? 1.6.9
Misc:
- Use a listen(2) backlog of 128 (RADSECPROXY-72).
Bug fixes:
- Completely reload CAs and CRLs with cacheExpiry (RADSECPROXY-50).
- Tie Access-Request log lines to response log lines (RADSECPROXY-60).
......
......@@ -353,7 +353,7 @@ void *tcplistener(void *arg) {
struct sockaddr_storage from;
socklen_t fromlen = sizeof(from);
listen(*sp, 0);
listen(*sp, 128);
for (;;) {
s = accept(*sp, (struct sockaddr *)&from, &fromlen);
......
......@@ -467,7 +467,7 @@ void *tlslistener(void *arg) {
struct sockaddr_storage from;
socklen_t fromlen = sizeof(from);
listen(*sp, 0);
listen(*sp, 128);
for (;;) {
s = accept(*sp, (struct sockaddr *)&from, &fromlen);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment