authorJake McGinty <me@jake.su>2018-03-09 02:46:26 +0000
committerJake McGinty <me@jake.su>2018-03-09 02:46:26 +0000
commit6a2a7bbac8b0a15152168d2fd5c49a9e41c1241c (patch)
tree74974978d4cd0829060014bb5a894ffe27b6b97e
parentbench: fix build (diff)
peer: enforce max egress packet queue size
-rw-r--r--src/consts.rs3
-rw-r--r--src/peer.rs11
2 files changed, 11 insertions, 3 deletions
diff --git a/src/consts.rs b/src/consts.rs
index 0905808..3806bb6 100644
--- a/src/consts.rs
+++ b/src/consts.rs
@@ -30,3 +30,6 @@ pub const TRANSPORT_OVERHEAD: usize = TRANSPORT_HEADER_SIZE + AEAD_TAG_SIZE;
pub const MAX_SEGMENT_SIZE: usize = (1 << 16) - 1;
pub const MAX_CONTENT_SIZE: usize = MAX_SEGMENT_SIZE - TRANSPORT_OVERHEAD;
pub const PADDING_MULTIPLE: usize = 16;
+
+pub const MAX_QUEUED_INCOMING_HANDSHAKES: usize = 4096;
+pub const MAX_QUEUED_PACKETS: usize = 1024;
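Review bot: `MAX_QUEUED_INCOMING_HANDSHAKES` is added here but nothing in the visible hunks reads it (peer.rs imports only `MAX_QUEUED_PACKETS`), so the inbound handshake queue appears to remain unbounded after this commit. Either enforce the limit in this change or mark the constant as not yet wired in. Both limits are packet counts, not bytes: if a queued packet can approach `MAX_SEGMENT_SIZE`, a full egress queue holds roughly 64 MiB per peer, which multiplies across peers. A doc comment should state the unit and scope, for example `/// Max packets queued per peer while no session is available (count, not bytes).`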
diff --git a/src/peer.rs b/src/peer.rs
index 41a1e34..4780ace 100644
--- a/src/peer.rs
+++ b/src/peer.rs
@@ -1,7 +1,8 @@
use anti_replay::AntiReplay;
use byteorder::{ByteOrder, LittleEndian};
use consts::{TRANSPORT_OVERHEAD, TRANSPORT_HEADER_SIZE, REKEY_AFTER_MESSAGES, REKEY_AFTER_TIME,
- REKEY_AFTER_TIME_RECV, REJECT_AFTER_TIME, REJECT_AFTER_MESSAGES, PADDING_MULTIPLE};
+ REKEY_AFTER_TIME_RECV, REJECT_AFTER_TIME, REJECT_AFTER_MESSAGES, PADDING_MULTIPLE,
+ MAX_QUEUED_PACKETS};
use cookie;
use failure::{Error, err_msg};
use interface::UtunPacket;
@@ -166,8 +167,12 @@ impl Peer {
}
pub fn queue_egress(&mut self, packet: UtunPacket) {
- self.outgoing_queue.push_back(packet);
- self.last_tun_queue = Timestamp::now();
+ if self.outgoing_queue.len() < MAX_QUEUED_PACKETS {
+ self.outgoing_queue.push_back(packet);
+ self.last_tun_queue = Timestamp::now();
+ } else {
+ debug!("dropping pending egress packet because the queue is full");
+ }
}
pub fn needs_new_handshake(&self, sending: bool) -> bool {
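Review bot: The `else` branch of `queue_egress` reports a dropped packet only through `debug!`, so the caller and an operator at the default log level cannot tell that traffic is being discarded. A per-peer drop counter, or returning `bool` from `queue_egress`, would make the condition observable. The `debug!` call also runs once per dropped packet, so sustained traffic to a peer with a full queue yields one log line per packet at debug level; logging only on the transition to full, or rate-limiting, would bound that. `last_tun_queue` is no longer refreshed when a packet is dropped; if that timestamp feeds handshake timing (not visible in this hunk), confirm the stale value is intended. A short doc comment would help, for example `/// Queues a packet for later sending; drops it when MAX_QUEUED_PACKETS are already pending.`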