summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2017-01-18 14:25:26 +0100
committerLinus Nordberg <linus@nordu.net>2017-01-18 14:25:26 +0100
commitf3619bf65967255e1009fec42b28007b49e0f4e4 (patch)
treefb3b5abaa2ef1b37465f53bc88c29dbdb5320a26
parent829c65af8e4eee61168f3499c8fb23d458dbf0d3 (diff)
Use a listen(2) backlog of 128.
There's a chance that incoming (legitimate) connections arrive faster than what it takes to spawn a new thread and get back to listen(). Therefore we should ask the stack to queue at least one entry, i.e. use a backlog value of at least 1. There's arguable also a chance of more than two concurrent incoming connections, which would make a case for a backlog value greater than one. A reasonable high value seems to be 128, which also is what SOMAXCONN is on many unix systems. In the choice between 1 and 128, an argument against the higher value is that it may mask the potential problem of spending a long time serving incoming connections. Being reasonably confident that radsecproxy is efficient when it comes to serving incoming connections, by handing them off to a newly spawned thread, I think that 128 is a fine choice. Closes RADSECPROXY-72.
-rw-r--r--tcp.c2
-rw-r--r--tls.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/tcp.c b/tcp.c
index e903cc5..77a6044 100644
--- a/tcp.c
+++ b/tcp.c
@@ -349,7 +349,7 @@ void *tcplistener(void *arg) {
struct sockaddr_storage from;
socklen_t fromlen = sizeof(from);
- listen(*sp, 0);
+ listen(*sp, 128);
for (;;) {
s = accept(*sp, (struct sockaddr *)&from, &fromlen);
diff --git a/tls.c b/tls.c
index f1b0f29..bbf9da3 100644
--- a/tls.c
+++ b/tls.c
@@ -460,7 +460,7 @@ void *tlslistener(void *arg) {
struct sockaddr_storage from;
socklen_t fromlen = sizeof(from);
- listen(*sp, 0);
+ listen(*sp, 128);
for (;;) {
s = accept(*sp, (struct sockaddr *)&from, &fromlen);