httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject [Patch 2.0.x] Re: svn commit: r307031 - in /httpd/httpd/branches/2.2.x: CHANGES include/ap_mmn.h include/http_core.h modules/http/http_core.c server/core.c server/core_filters.c server/protocol.c
Date Fri, 07 Oct 2005 20:25:04 GMT
Folks,

the patch below cannot be literally backported to 2.0.x.  Everyone would
agree that the echo filter is inherently a DoS attack even when it's
working as expected.  But other protocol module authors have based their
code on this module; and it was dangerous precident to never establish
any timeout.

We could, obviously, throw the same hack as mod_ftp's code in mod_echo,
prior to the first get_brigade invocation;

      client_socket = ap_get_module_config(cdata->conn_config,
                                           &core_module);
      apr_socket_timeout_set(client_socket, cdata->base_server->timeout);

but that's hackish, and truly does nothing for any existing borked
protocol module out there, written by unsuspecting authors.

Here's a proposed patch for 2.0 that would move the -initial- timeout
setting from underneath NET_TIME.  Yet it would retain the NET_TIME
filter for managing keep-alive time outs, thus maintaining all binary
and nearly identical behavior compatibility in the 2.0.x branch.

Comments?


Mime
View raw message