Commit 28926a09 authored by Marcelo Ricardo Leitner's avatar Marcelo Ricardo Leitner Committed by David Teigland

dlm: fix connection stealing if using SCTP

When using SCTP and accepting a new connection, DLM currently validates
if the peer trying to connect to it is one of the cluster nodes, but it
doesn't check if it already has a connection to it or not.

If it already had a connection, it will be overwritten, and the new one
will be used for writes, possibly causing the node to leave the cluster
due to communication breakage.

Still, one could DoS the node by attempting N connections and keeping
them open.

As said, but being explicit, both situations are only triggerable from
other cluster nodes, but are doable with only user-level perms.
Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: default avatarDavid Teigland <teigland@redhat.com>
parent f7644cbf
......@@ -535,7 +535,9 @@ static void close_connection(struct connection *con, bool and_other)
mutex_unlock(&con->sock_mutex);
}
/* We only send shutdown messages to nodes that are not part of the cluster */
/* We only send shutdown messages to nodes that are not part of the cluster
* or if we get multiple connections from a node.
*/
static void sctp_send_shutdown(sctp_assoc_t associd)
{
static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
......@@ -718,6 +720,14 @@ static void process_sctp_notification(struct connection *con,
if (!new_con)
return;
if (new_con->sock) {
log_print("reject connect from node %d: "
"already has a connection.",
nodeid);
sctp_send_shutdown(prim.ssp_assoc_id);
return;
}
/* Peel off a new sock */
lock_sock(con->sock->sk);
ret = sctp_do_peeloff(con->sock->sk,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment