limit file descriptors to FD_SETSIZE

* in the event handlers, so that we don't over-run it when using
  FD_SET.  The previous code checked for > FD_SETSIZE, not
  >= FD_SETSIZE

* in new incoming sockets, after accept().  So that we don't go
  through a huge amount of work, and then discover that the FD
  is too large.

* in new outgoing sockets, after socket(), for the same reasons.

* update / clarify documentation around limits for idle_timeout

Author: alandekok

raddb/proxy.conf

@@ -552,6 +552,16 @@ home_server localhost {
 	      #  this time, the connection will be closed.
 	      #
 	      #  Setting this to 0 means "no timeout".
+	      #
+	      #  We STRONGLY RECOMMEND that you set an idle timeout.
+	      #
+	      #  Systems with many outgoing connections (500+) should
+	      #  set this value to a low number such as "5".  There
+	      #  are only a limited number of usable file descriptors
+	      #  (usually 1024) due to Posix API issues.  If many
+	      #  sockets are idle, it can prevent the server from
+	      #  opening new connections.
+	      #
 	      idle_timeout = 0
 	}
 

raddb/sites-available/default

@@ -206,11 +206,11 @@ listen {
 	      #  We STRONGLY RECOMMEND that you set an idle timeout.
 	      #
 	      #  Systems with many incoming connections (500+) should
-	      #  set this value to a lower number.  There are only a
-	      #  limited number of usable file descriptors (usually
-	      #  1024) due to Posix API issues.  If many sockets are
-	      #  idle, it can prevent the server from opening new
-	      #  connections.
+	      #  set this value to a low number, such as "5".  There
+	      #  are only a limited number of usable file descriptors
+	      #  (usually 1024) due to Posix API issues.  If many
+	      #  sockets are idle, it can prevent the server from
+	      #  opening new connections.
 	      #
 	      idle_timeout = 900
 	}

src/lib/event.c

@@ -358,6 +358,13 @@ int fr_event_fd_insert(fr_event_list_t *el, int type, int fd,
 		return 0;
 	}
 
+#ifndef HAVE_KQUEUE
+	if (fd >= FD_SETSIZE) {
+		fr_strerror_printf("Too many file descriptors! (FD %i >= %u)", fd, FD_SETSIZE);
+		return 0;
+	}
+#endif
+
 	if (type != 0) {
 		fr_strerror_printf("Invalid type %i", type);
 		return 0;
@@ -409,15 +416,7 @@ int fr_event_fd_insert(fr_event_list_t *el, int type, int fd,
 
 #else  /* HAVE_KQUEUE */
 
-	/*
-	 *	select() has limits.
-	 */
-	if (fd > FD_SETSIZE) {
-		fprintf(stderr, "FD is larger than FD_SETSIZE");
-		return 0;
-	}
-
-	if (fd > fr_ev_max_fds) {
+	if (fd >= fr_ev_max_fds) {
 		fprintf(stderr, "FD is larger than MAX FDs");
 		return 0;
 	}

src/main/listen.c

@@ -52,6 +52,10 @@ RCSID("$Id$")
 #include <sys/stat.h>
 #endif
 
+#ifdef HAVE_KQUEUE
+#include <sys/select.h>
+#endif
+
 #ifdef WITH_TLS
 #include <netinet/tcp.h>
 
@@ -1141,6 +1145,14 @@ static int dual_tcp_accept(rad_listen_t *listener)
 		return -1;
 	}
 
+#ifndef HAVE_KQUEUE
+	if (newfd >= FD_SETSIZE) {
+		RATE_LIMIT(INFO("Ignoring new connection from client %s too many connections are open", client->shortname));
+		close(newfd);
+		return 0;
+	}
+#endif
+
 	if (!fr_sockaddr2ipaddr(&src, salen, &src_ipaddr, &src_port)) {
 		close(newfd);
 		DEBUG2(" ... unknown address family");
@@ -3727,6 +3739,16 @@ rad_listen_t *proxy_new_listener(TALLOC_CTX *ctx, home_server_t *home, uint16_t
 		return NULL;
 	}
 
+#ifndef HAVE_KQUEUE
+	if (this->fd >= FD_SETSIZE) {
+		this->print(this, buffer,sizeof(buffer));
+		ERROR("Failed opening new proxy socket '%s' : FD %d is larger than maximum %u",
+		      buffer, this->fd, FD_SETSIZE);
+		home->last_failed_open = now;
+		listen_free(&this);
+		return NULL;
+	}
+#endif
 
 #ifdef WITH_TCP
 #ifdef SO_KEEPALIVE