[Python-Dev] Socket timeout: reset timeout at each successful syscall?
Ludovic Gasc
gmludo at gmail.com
Sat Apr 4 16:05:24 CEST 2015
On Sat, Apr 4, 2015 at 1:27 PM, Antoine Pitrou <solipsis at pitrou.net> wrote:
> On Fri, 3 Apr 2015 13:56:44 +0200
> Victor Stinner <victor.stinner at gmail.com> wrote:
> >
> > The problem is that the socket.sendall() method may require multiple
> > syscalls. In this case, does the timeout count for the total time or
> > only for a single syscall? Asked differently: should we reset the
> > timeout each time a syscall succeed?
>
> From a user's point of view, it should count for the total time, IMO.
> If people want a timeout for each syscall, they should call send()
> iteratively.
I'm agree with Antoine for a global timeout.
When you exchange data with the external world, very often, you can't trust
the other part.
If you reset the timeout each time you send or receive something, the other
part could use this property to send few bytes during a long time to force
you to block for almost nothing during a longer time than with a global
timeout.
It's like an old granny at the checkout of a supermarket who pays coin by
coin, you don't know if only her age or if she purposely be as slow.
It's the same principle with Slowloris attack:
http://ha.ckers.org/slowloris/
BTW, when I've learnt AsyncIO, I've reimplemented Slowloris attack with
AsyncIO in a quick'd'dirty Python script.
The funny thing is that the Python script consumed less CPU and was more
efficient than the original Perl script.
If somebody is interested in, I can send you the script.
--
Ludovic Gasc (GMLudo)
http://www.gmludo.eu/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20150404/45f98b27/attachment.html>
More information about the Python-Dev
mailing list