From: Hiroshi NAKAMURA <nakahiro@...>
Date: 2011-06-26T17:35:20+09:00
Subject: [ruby-core:37458] [Ruby 1.9 - Bug #4070] possible XMLRPC connectino leak


Issue #4070 has been updated by Hiroshi NAKAMURA.

Target version set to 1.9.3


----------------------------------------
Bug #4070: possible XMLRPC connectino leak
http://redmine.ruby-lang.org/issues/4070

Author: Shyouhei Urabe
Status: Assigned
Priority: Normal
Assignee: Hiroshi NAKAMURA
Category: ext
Target version: 1.9.3
ruby -v: ruby 1.9.3dev (2010-11-16 trunk 29806) [x86_64-linux]


=begin
 Hi all.
 
 We got a pull request that claims xmlrpc to have a connection leak.
 
 http://github.com/ruby/ruby/pull/1
 
 But I'm not sure if the code posted there is a "proper" use of XMLRPC module.  XMLRPC::Client instance seems to keep a TCP sessions and can issue many RPC calls from it, no need to recreate instances every time. It seems to me that the reporter's code unnecessarily opens too many TCP sessions at once and acts like a kind of DoS attack to a server.  Proposed fix ensures this usage and disables TCP session pooling.
 
 Is this a right fix that I can pull into? or should we have a better way?
=end



-- 
http://redmine.ruby-lang.org