Make sure that sockets undergoing accept filtering are aborted in a

LRU fashion when the listen queue fills up.  Previously, there was
no mechanism to kick out old sockets, leading to an easy DoS of
daemons using accept filtering.

Reviewed by:	alfred
MFC after:	3 days

1 files changed, 7 insertions, 1 deletions

diff --git a/sys/kern/uipc_sockbuf.c b/sys/kern/uipc_sockbuf.c
index 47bf7bb..1a8afd3 100644
--- a/sys/kern/uipc_sockbuf.c
+++ b/sys/kern/uipc_sockbuf.c
@@ -127,6 +127,7 @@ soisconnected(so)
 		head->so_incqlen--;
 		so->so_state &= ~SS_INCOMP;
 		TAILQ_INSERT_TAIL(&head->so_comp, so, so_list);
+		head->so_qlen++;
 		so->so_state |= SS_COMP;
 		sorwakeup(head);
 		wakeup_one(&head->so_timeo);
@@ -202,12 +203,17 @@ sonewconn(head, connstatus)
 	if (connstatus) {
 		TAILQ_INSERT_TAIL(&head->so_comp, so, so_list);
 		so->so_state |= SS_COMP;
+		head->so_qlen++;
 	} else {
+		if (head->so_incqlen >= head->so_qlimit) {
+			struct socket *sp;
+			sp = TAILQ_FIRST(&head->so_incomp);
+			(void) soabort(sp);
+		}
 		TAILQ_INSERT_TAIL(&head->so_incomp, so, so_list);
 		so->so_state |= SS_INCOMP;
 		head->so_incqlen++;
 	}
-	head->so_qlen++;
 	if (connstatus) {
 		sorwakeup(head);
 		wakeup((caddr_t)&head->so_timeo);