You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2005/10/07 22:25:04 UTC
[Patch 2.0.x] Re: svn commit: r307031 - in /httpd/httpd/branches/2.2.x:
CHANGES include/ap_mmn.h include/http_core.h modules/http/http_core.c server/core.c
server/core_filters.c server/protocol.c
Folks,
the patch below cannot be literally backported to 2.0.x. Everyone would
agree that the echo filter is inherently a DoS attack even when it's
working as expected. But other protocol module authors have based their
code on this module; and it was dangerous precident to never establish
any timeout.
We could, obviously, throw the same hack as mod_ftp's code in mod_echo,
prior to the first get_brigade invocation;
client_socket = ap_get_module_config(cdata->conn_config,
&core_module);
apr_socket_timeout_set(client_socket, cdata->base_server->timeout);
but that's hackish, and truly does nothing for any existing borked
protocol module out there, written by unsuspecting authors.
Here's a proposed patch for 2.0 that would move the -initial- timeout
setting from underneath NET_TIME. Yet it would retain the NET_TIME
filter for managing keep-alive time outs, thus maintaining all binary
and nearly identical behavior compatibility in the 2.0.x branch.
Comments?