httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Murcko <ch...@topsail.org>
Subject Re: Apache PR#190: IdentyCheck and server accessibility
Date Wed, 26 Feb 1997 01:39:15 GMT
I agree with Ken. IDENT isn't very useful from a security standpoint,
and we should probably move it to contrib or something, since there will
always be a few who'd like to use it. Had it been built into everything,
things might be different.

+1, same conditions as Mark (10 < newtime < 60).

Marc Slemko wrote:
> 
> I will +1 a 10 second timeout.
> 
> Anything bigger than that but less than the existing one I will also +1,
> but only after people tell me that 10 seconds is too short.
> 
> On Tue, 25 Feb 1997, Rodent of Unusual Size wrote:
> 
> >     Oh, foo.  No wonder I couldn't find this in my mail; I misspelt
> >     "IdentityCheck" in the subject.
> >
> > >From the fingers of Chuck Murcko flowed the following:
> > >
> > >I'd say a nonconfigurable timeout is a bug, and we should default to the
> > >minimum recommended, which is 30 sec. for a client.
> >
> >     I'm not sure I'd agree that nonconfigurability is a bug, but I'd
> >     certainly support lowering the current default; attached is a patch.
> >     Making it configurable would be simple indeed, but I'm not sure it's
> >     a 1.2 thing.
> >
> >     The RFC1413 stuff should probably be vetted for the next version;
> >     it's not clear to me (without actually vgrepping the code) that it
> >     isn't called unnecessarily.  I also think it should be per-directory
> >     configurable, and the timeout should be settable.  I have some stuff
> >     that uses this, so I'll volunteer to work on it unless there's a -1
> >     or a resounding chorus of "itzawastatime".  (I might do it anyway.
> >     ;-)
> >
> >     #ken    :-)}
> >
> > Index: rfc1413.c
> > ===================================================================
> > RCS file: /usr/users/coar/myApache/repository/apache/src/rfc1413.c,v
> > retrieving revision 1.8
> > diff -c -r1.8 rfc1413.c
> > *** 1.8       1997/01/20 04:28:16
> > --- rfc1413.c 1997/02/25 11:42:06
> > ***************
> > *** 93,99 ****
> >   /* rough limit on the amount of data we accept. */
> >   #define RFC1413_MAXDATA 1000
> >
> > ! #define RFC1413_TIMEOUT     60
> >   #define     ANY_PORT        0               /* Any old port will do */
> >   #define FROM_UNKNOWN  "unknown"
> >
> > --- 93,99 ----
> >   /* rough limit on the amount of data we accept. */
> >   #define RFC1413_MAXDATA 1000
> >
> > ! #define RFC1413_TIMEOUT     30
> >   #define     ANY_PORT        0               /* Any old port will do */
> >   #define FROM_UNKNOWN  "unknown"
> >
> >

-- 
chuck
Chuck Murcko
The Topsail Group, West Chester PA USA
chuck@topsail.org

Mime
View raw message