httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ian Morgan <imor...@webcon.net>
Subject Re: [PATCH] RecvTimeout directive for 1.3.23
Date Sat, 26 Jan 2002 20:49:02 GMT
On 26 Jan 2002, Jeff Trawick wrote:

> Ian Morgan <imorgan@webcon.net> writes:
>
> > >From the 1.3.23 ChangeLog:
> >
> > > (eg, one attack mode of the Nimda worm is to establish a connection to the
> > > server but not send an HTTP request. This connection will be timed out
> > > according to the setting of the Timeout directive, 300 seconds)
> >
> > Well, they seem to recognize the problem, anyways. Anybody know why this
> > patch isn't being accepted? It works like a charm.
>
> IIRC, it added to the server_rec which would require an API MMN bump,
> and I think somebody mentioned that on the list.

Ah, that's reasonable I suppose. I had not seen any such comment on the
list, but I suppose I may have misesd it.

Anybody have any ideas on how to implement this without touching server_rec?
(Who uses binary modules across versions without recompiling!?)


> > Download:
> > http://www.webcon.net/opensource/apache/apache_1.3.23_recv_timeout.patch
>
> --> BAD URL

Oops.. Sorry. Mixed up a "-" and an "_". It's accessible now.

> Is this in 2.0 yet?

Don't think so. There seems to be some form of support for a variety of
different timeouts is 2.0.x, but when I last looked, I don't think there was
one that handles this type of timeout for receives only. Of course, I'd be
happy to stand corrected.

Regards,
Ian Morgan
-- 
-------------------------------------------------------------------
 Ian E. Morgan        Vice President & C.O.O.         Webcon, Inc.
 imorgan@webcon.net         PGP: #2DA40D07          www.webcon.net
-------------------------------------------------------------------


Mime
View raw message