Re: [PATCH] debuginfod: PR27917 - protect against federation loops

public inbox for elfutils@sourceware.org
 help / color / mirror / Atom feed

From: "Frank Ch. Eigler" <fche@redhat.com>
To: Di Chen <dichen@redhat.com>
Cc: elfutils-devel@sourceware.org
Subject: Re: [PATCH] debuginfod: PR27917 - protect against federation loops
Date: Wed, 18 Aug 2021 18:55:41 -0400	[thread overview]
Message-ID: <20210818225541.GE6064@redhat.com> (raw)
In-Reply-To: <CAN-Pu7RbLCLLc-GtyPXzq6VKfwxi-yLBzn1pmBVMxE-iKqpAnw@mail.gmail.com>

Hi -

> This patch aims to reduce the risk by adding an option to debuginfod
> that functions kind of like an IP packet's TTL: a limit on the
> length of XFF: header that debuginfod is willing to process. If
> X-Forwarded-For: exceeds N hops, it will not delegate a local lookup
> miss to upstream debuginfods. [...]

Thank you very much!

> Commit ab38d167c40c99 causes federation loops for non-existent
> resources to result in multiple temporary livelocks, each lasting
> for $DEBUGINFOD_TIMEOUT seconds. [...]

(FWIW, the term "livelock" is not quite right here, try just
"deadlock".)

The patch looks functional, and thank you also for including the
docs and test case.  Thorough enough!

> @@ -1862,6 +1869,12 @@ handle_buildid (MHD_Connection* conn,
>    // We couldn't find it in the database.  Last ditch effort
>    // is to defer to other debuginfo servers.
> 
> +  // if X-Forwarded-For: exceeds N hops,
> +  // do not delegate a local lookup miss to upstream debuginfods.
> +  if (disable_query_server)
> +    throw reportable_exception(MHD_HTTP_NOT_FOUND, "not found,
> --forwared-ttl-limit reached \
> +and will not query the upstream servers");

One part I don't understand is why you added the code to check for XFF
length into handler_cb(), and then passed the disable_query_server
result flag to this function.  Was there some reason not to perform
the XFF comma-counting right here?

- FChE

next prev parent reply	other threads:[~2021-08-18 22:55 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-12 14:35 Di Chen
2021-08-18 22:55 ` Frank Ch. Eigler [this message]
2021-08-20 12:44   ` Di Chen
2021-08-27 17:42     ` Mark Wielaard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210818225541.GE6064@redhat.com \
    --to=fche@redhat.com \
    --cc=dichen@redhat.com \
    --cc=elfutils-devel@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).