Bug 5953 - session limit can be exceeded through race in newsession
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: VSM Server
Version: pre-1.0
Hardware: PC Unknown
Importance: P2 Normal
Target Milestone: MediumPrio
Assignee: Henrik Andersson
Reported: 2016-07-14 13:32 CEST by Pierre Ossman
Modified: 2023-06-28 10:41 CEST

Description Pierre Ossman cendio 2016-07-14 13:32:53 CEST
The handler for "newsession" has a race in it where both /vsmserver/max_sessions_per_user and the license limit can be exceeded with the right timing.

The problem is that both of these limits are checked before we do any changes to the session database. So multiple newsession calls could be running concurrently, and all get through.

One easy method of provoking this is by quickly clicking the login button in the HTML client multiple times.
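
The check-then-act ordering described above, sketched as an added example; this is not ThinLinc code. `SessionStore`, `create_on_agent`, `newsession_racy` and `newsession_reserving` are hypothetical names, the limit of 6 and the 11 requests are constructed values, and the model is a single asyncio event loop.

```python
import asyncio

class SessionStore:
    """Hypothetical stand-in for the session database."""
    def __init__(self, limit):
        self.limit = limit
        self.sessions = set()  # committed sessions
        self.pending = set()   # slots reserved by requests still in flight

async def create_on_agent(user):
    # Stand-in for the slow step between the check and the database update.
    await asyncio.sleep(0.01)

async def newsession_racy(store, user):
    # The limit is checked against committed sessions only ...
    if len(store.sessions) >= store.limit:
        return False
    await create_on_agent(user)   # ... other requests run their check here ...
    store.sessions.add(user)      # ... and the database changes last.
    return True

async def newsession_reserving(store, user):
    # Check and reservation happen with no await in between, so no other
    # request on the same event loop can run between them.
    if len(store.sessions) + len(store.pending) >= store.limit:
        return False
    store.pending.add(user)
    try:
        await create_on_agent(user)
        store.sessions.add(user)
        return True
    finally:
        store.pending.discard(user)  # release the slot on success or failure

def run(handler, users=11, limit=6):
    """Fire `users` concurrent requests; return how many sessions exist after."""
    async def main():
        store = SessionStore(limit)
        await asyncio.gather(*(handler(store, f"user{i}") for i in range(1, users + 1)))
        return len(store.sessions)
    return asyncio.run(main())

if __name__ == "__main__":
    print("racy:", run(newsession_racy))
    print("reserving:", run(newsession_reserving))
```

With threads or several processes the same reservation has to happen under a lock or inside one database transaction. A per-user limit such as /vsmserver/max_sessions_per_user needs the same treatment, keyed on the user.
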
Comment 2 Pierre Ossman cendio 2016-07-14 14:02:06 CEST
(In reply to comment #0)
> One easy method of provoking this is by quickly clicking the login button in
> the HTML client multiple times.

Unless you're a Firefox user, since Firefox has protection against submitting a form multiple times. :)

Chrome and Internet Explorer will however happily spam the server.
Comment 4 Samuel Mannehed cendio 2017-03-31 14:46:20 CEST
Moving from 'MediumPrio' to '--' for discussion.

Through following the test instructions found here https://intranet.lkpg.cendio.se/ThinLinc/Testing/Server#License_checks_.28C.29 I can reproduce both with 4.7.0post build 5404 and 4.7.0 server using the native ThinLinc client.

> 2017-03-31 14:23:30 INFO vsmserver.license: License summary: 5 concurrent users. Hard limit of 6 concurrent users. 
> 2017-03-31 14:23:30 INFO vsmserver.session: Loaded 0 sessions for 0 users from file
> 2017-03-31 14:27:10 INFO vsmserver.session: User with uid 1003 (user1) requested a new session
> 2017-03-31 14:27:11 INFO vsmserver.session: User with uid 1004 (user2) requested a new session
> 2017-03-31 14:27:12 INFO vsmserver.session: User with uid 1005 (user3) requested a new session
> 2017-03-31 14:27:13 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user1
> 2017-03-31 14:27:13 INFO vsmserver.session: User with uid 1006 (user4) requested a new session
> 2017-03-31 14:27:13 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user2
> 2017-03-31 14:27:14 INFO vsmserver.session: User with uid 1007 (user5) requested a new session
> 2017-03-31 14:27:14 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user3
> 2017-03-31 14:27:15 INFO vsmserver.session: User with uid 1008 (user6) requested a new session
> 2017-03-31 14:27:16 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user4
> 2017-03-31 14:27:16 INFO vsmserver.session: User with uid 1009 (user7) requested a new session
> 2017-03-31 14:27:17 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user5
> 2017-03-31 14:27:17 INFO vsmserver.session: User with uid 1010 (user8) requested a new session
> 2017-03-31 14:27:17 WARNING vsmserver.license: LICENSE VIOLATION: New session will exceed allowed use of 5 concurrent users. Hard limit of 6 concurrent users. 5 unique users currently running 5 sessions using 5 licenses
> 2017-03-31 14:27:18 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user6
> 2017-03-31 14:27:18 INFO vsmserver.session: User with uid 1011 (user9) requested a new session
> 2017-03-31 14:27:18 WARNING vsmserver.license: LICENSE VIOLATION: Hit max number of concurrent users. Not allowing session for user9
> 2017-03-31 14:27:19 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user7
> 2017-03-31 14:27:19 INFO vsmserver.session: User with uid 1012 (user10) requested a new session
> 2017-03-31 14:27:19 WARNING vsmserver.license: LICENSE VIOLATION: Hit max number of concurrent users. Not allowing session for user10
> 2017-03-31 14:27:20 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user8
> 2017-03-31 14:27:20 INFO vsmserver.session: User with uid 1013 (user11) requested a new session
> 2017-03-31 14:27:20 WARNING vsmserver.license: LICENSE VIOLATION: Hit max number of concurrent users. Not allowing session for user11
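
A log check for the overshoot visible above, added here as an example and not part of the original comment or of ThinLinc. It assumes no session ends and none is loaded from file inside the window being examined (the page shows no log line for a session ending); the sample log is constructed in the same format with a hard limit of 2.

```python
import re

# Constructed sample in the format of the vsmserver log quoted in comment 4.
SAMPLE_LOG = """\
2017-03-31 14:23:30 INFO vsmserver.license: License summary: 1 concurrent users. Hard limit of 2 concurrent users.
2017-03-31 14:27:10 INFO vsmserver.session: User with uid 1003 (user1) requested a new session
2017-03-31 14:27:11 INFO vsmserver.session: User with uid 1004 (user2) requested a new session
2017-03-31 14:27:12 INFO vsmserver.session: User with uid 1005 (user3) requested a new session
2017-03-31 14:27:13 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user1
2017-03-31 14:27:14 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user2
2017-03-31 14:27:14 INFO vsmserver.session: User with uid 1006 (user4) requested a new session
2017-03-31 14:27:14 WARNING vsmserver.license: LICENSE VIOLATION: Hit max number of concurrent users. Not allowing session for user4
2017-03-31 14:27:15 INFO vsmserver: VSM Agent 127.0.0.1 successfully created a new session for user3
"""

HARD_LIMIT_RE = re.compile(r"License summary: .*Hard limit of (\d+) concurrent users")
CREATED_RE = re.compile(
    r"^(\S+ \S+) INFO vsmserver: VSM Agent \S+ "
    r"successfully created a new session for (\S+)$"
)

def find_over_limit(log_text):
    """Return (timestamp, user, users_with_sessions, hard_limit) for every
    session created after the hard limit was already reached."""
    hard_limit = None
    users = set()
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = HARD_LIMIT_RE.search(line)
        if m:
            hard_limit = int(m.group(1))
            continue
        m = CREATED_RE.match(line)
        if m and hard_limit is not None:
            users.add(m.group(2))
            if len(users) > hard_limit:
                findings.append((m.group(1), m.group(2), len(users), hard_limit))
    return findings

if __name__ == "__main__":
    for finding in find_over_limit(SAMPLE_LOG):
        print(finding)
```

Applied to the log quoted in this comment, the same logic flags the sessions created for user7 and user8, both of which were requested before the hard limit of 6 was reached on the committed count.
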
Comment 5 Pierre Ossman cendio 2017-04-04 15:29:45 CEST
The double click of the login button has been moved to bug 6223 and this bug is now exclusively about the server issues.
Comment 6 Linn cendio 2023-05-29 17:00:47 CEST
I managed to consistently reproduce this race condition on Fedora 37 when using the following script to quickly log in with a bunch of users:
> for i in {1..11}; do tlclient -u user$i -p <pass> <hostname> & sleep 1; done
The race condition showed itself by allowing connections for 1-2 users more than the hard limit shown by tl-show-licenses. When I increased the sleep to 5, I was no longer able to reproduce the issue.


Convenience script to generate a bunch of users:
> for i in {1..60}; do sudo useradd -m user$i; (echo <pass>; echo <pass>) | sudo passwd user$i; done
