httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: [PATCH] buff.c bug fix
Date Sat, 25 Jan 1997 15:56:46 GMT

+1 


> On Sat, 25 Jan 1997, Dean Gaudet wrote:
> 
> > I've mailed Henrik to ask him to help me reproduce the bug.  I wasn't able
> > to do it against my server, but I was just force feeding it a hand-made
> > set of GET/HEADs and eye-balling the result.  The buff.c patch I gave
> > probably won't help the problem at all. 
> 
> Okay. If you've emailed him, I'm happy.
> 
> > I'll make up a patch for the flush() behaviour.  Something like a call
> > into the buff.c code to either test the buffer or do a select() and answer
> > yes-no if there's data waiting.
> 
> Yes; That'd probably do it.
> 
> > I'm moderately concerned about DoS attacks without some limit on
> > keep-alive sessions.  Emphasis on moderate.
> 
> Agreed. How's this: we simply modify the configuration code so that it
> takes "KeepAlive On|Off" (or a number for backwards-compatibility's
> sake), but sets the code internally to, say, 50. The actual protocol
> code wouldn't have to be changed at all (which was the reason I had
> hesitated to do it at all in a late beta).
> 
> For example, here's a patch (why are we all up at 1 in the morning,
> anyhow?):
> 
> Index: http_core.c
> ===================================================================
> RCS file: /export/home/cvs/apache/src/http_core.c,v
> retrieving revision 1.60
> diff -c -r1.60 http_core.c
> *** http_core.c	1997/01/24 07:42:45	1.60
> --- http_core.c	1997/01/25 09:20:06
> ***************
> *** 899,905 ****
>   }
>   
>   const char *set_keep_alive (cmd_parms *cmd, void *dummy, char *arg) {
> !     cmd->server->keep_alive = atoi (arg);
>       return NULL;
>   }
>   
> --- 899,912 ----
>   }
>   
>   const char *set_keep_alive (cmd_parms *cmd, void *dummy, char *arg) {
> !     /* We've changed it to On/Off, but used to use numbers
> !      * so we accept anything but "Off" or "0" as "On"
> !      */
> !     if (!strcasecmp(arg, "off") || !strcmp(arg, "0"))
> ! 	cmd->server->keep_alive = 0;
> !     else
> ! 	/* We don't really want them to go on forever... */
> ! 	cmd->server->keep_alive = 50;
>       return NULL;
>   }
>   
> ***************
> *** 1172,1178 ****
>     "The pathname the server can be reached at" },
>   { "Timeout", set_timeout, NULL, RSRC_CONF, TAKE1, "Timeout duration (sec)"},
>   { "KeepAliveTimeout", set_keep_alive_timeout, NULL, RSRC_CONF, TAKE1, "Keep-Alive timeout
duration (sec)"},
> ! { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Maximum Keep-Alive requests
per connection (0 to disable)" },
>   { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, "Enable identd (RFC931)
user lookups - SLOW" },
>   { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether
or not to send a Content-MD5 header with each request" },
>   { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, "Number of child processes
launched at server startup" },
> --- 1179,1185 ----
>     "The pathname the server can be reached at" },
>   { "Timeout", set_timeout, NULL, RSRC_CONF, TAKE1, "Timeout duration (sec)"},
>   { "KeepAliveTimeout", set_keep_alive_timeout, NULL, RSRC_CONF, TAKE1, "Keep-Alive timeout
duration (sec)"},
> ! { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Whether persistent connections
should be On or Off" },
>   { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, "Enable identd (RFC931)
user lookups - SLOW" },
>   { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether
or not to send a Content-MD5 header with each request" },
>   { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, "Number of child processes
launched at server startup" },
> 
> 
> -- 
> ________________________________________________________________________
> Alexei Kosut <akosut@nueva.pvt.k12.ca.us>      The Apache HTTP Server
> URL: http://www.nueva.pvt.k12.ca.us/~akosut/   http://www.apache.org/
> 
> 




Mime
View raw message