Fixed interaction of limit_rate and sendfile_max_chunk.
It's possible that configured limit_rate will permit more bytes per
single operation than sendfile_max_chunk. To protect disk from takeover
by a single client it is necessary to apply sendfile_max_chunk as a limit
regardless of configured limit_rate.
See here for report (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2010-March/032806.html
diff --git a/src/http/ngx_http_write_filter_module.c b/src/http/ngx_http_write_filter_module.c
index f5dc6c1..a9660ee 100644
--- a/src/http/ngx_http_write_filter_module.c
+++ b/src/http/ngx_http_write_filter_module.c
@@ -223,11 +223,14 @@
return NGX_AGAIN;
}
- } else if (clcf->sendfile_max_chunk) {
- limit = clcf->sendfile_max_chunk;
+ if (clcf->sendfile_max_chunk
+ && (off_t) clcf->sendfile_max_chunk < limit)
+ {
+ limit = clcf->sendfile_max_chunk;
+ }
} else {
- limit = 0;
+ limit = clcf->sendfile_max_chunk;
}
sent = c->sent;
@@ -265,14 +268,15 @@
delay = (ngx_msec_t) ((nsent - sent) * 1000 / r->limit_rate);
if (delay > 0) {
+ limit = 0;
c->write->delayed = 1;
ngx_add_timer(c->write, delay);
}
+ }
- } else if (c->write->ready
- && clcf->sendfile_max_chunk
- && (size_t) (c->sent - sent)
- >= clcf->sendfile_max_chunk - 2 * ngx_pagesize)
+ if (limit
+ && c->write->ready
+ && c->sent - sent >= limit - (off_t) (2 * ngx_pagesize))
{
c->write->delayed = 1;
ngx_add_timer(c->write, 1);
