httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@nueva.pvt.k12.ca.us>
Subject Re: [PATCH] buff.c bug fix
Date Sat, 25 Jan 1997 09:22:05 GMT
On Sat, 25 Jan 1997, Dean Gaudet wrote:

> I've mailed Henrik to ask him to help me reproduce the bug.  I wasn't able
> to do it against my server, but I was just force feeding it a hand-made
> set of GET/HEADs and eye-balling the result.  The buff.c patch I gave
> probably won't help the problem at all. 

Okay. If you've emailed him, I'm happy.

> I'll make up a patch for the flush() behaviour.  Something like a call
> into the buff.c code to either test the buffer or do a select() and answer
> yes-no if there's data waiting.

Yes; That'd probably do it.

> I'm moderately concerned about DoS attacks without some limit on
> keep-alive sessions.  Emphasis on moderate.

Agreed. How's this: we simply modify the configuration code so that it
takes "KeepAlive On|Off" (or a number for backwards-compatibility's
sake), but sets the code internally to, say, 50. The actual protocol
code wouldn't have to be changed at all (which was the reason I had
hesitated to do it at all in a late beta).

For example, here's a patch (why are we all up at 1 in the morning,
anyhow?):

Index: http_core.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_core.c,v
retrieving revision 1.60
diff -c -r1.60 http_core.c
*** http_core.c	1997/01/24 07:42:45	1.60
--- http_core.c	1997/01/25 09:20:06
***************
*** 899,905 ****
  }
  
  const char *set_keep_alive (cmd_parms *cmd, void *dummy, char *arg) {
!     cmd->server->keep_alive = atoi (arg);
      return NULL;
  }
  
--- 899,912 ----
  }
  
  const char *set_keep_alive (cmd_parms *cmd, void *dummy, char *arg) {
!     /* We've changed it to On/Off, but used to use numbers
!      * so we accept anything but "Off" or "0" as "On"
!      */
!     if (!strcasecmp(arg, "off") || !strcmp(arg, "0"))
! 	cmd->server->keep_alive = 0;
!     else
! 	/* We don't really want them to go on forever... */
! 	cmd->server->keep_alive = 50;
      return NULL;
  }
  
***************
*** 1172,1178 ****
    "The pathname the server can be reached at" },
  { "Timeout", set_timeout, NULL, RSRC_CONF, TAKE1, "Timeout duration (sec)"},
  { "KeepAliveTimeout", set_keep_alive_timeout, NULL, RSRC_CONF, TAKE1, "Keep-Alive timeout
duration (sec)"},
! { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Maximum Keep-Alive requests per
connection (0 to disable)" },
  { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, "Enable identd (RFC931)
user lookups - SLOW" },
  { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether
or not to send a Content-MD5 header with each request" },
  { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, "Number of child processes
launched at server startup" },
--- 1179,1185 ----
    "The pathname the server can be reached at" },
  { "Timeout", set_timeout, NULL, RSRC_CONF, TAKE1, "Timeout duration (sec)"},
  { "KeepAliveTimeout", set_keep_alive_timeout, NULL, RSRC_CONF, TAKE1, "Keep-Alive timeout
duration (sec)"},
! { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Whether persistent connections should
be On or Off" },
  { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, "Enable identd (RFC931)
user lookups - SLOW" },
  { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether
or not to send a Content-MD5 header with each request" },
  { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, "Number of child processes
launched at server startup" },


-- 
________________________________________________________________________
Alexei Kosut <akosut@nueva.pvt.k12.ca.us>      The Apache HTTP Server
URL: http://www.nueva.pvt.k12.ca.us/~akosut/   http://www.apache.org/




Mime
View raw message