core: shorten the wait time in ap_lingering_close() if the
authorStefan Fritsch <sf@apache.org>
Mon, 15 Mar 2010 20:22:09 +0000 (20:22 +0000)
committerStefan Fritsch <sf@apache.org>
Mon, 15 Mar 2010 20:22:09 +0000 (20:22 +0000)
"short-lingering-close" connection note is set.

mod_reqtimeout: Instead of setting c->aborted, use the "short-lingering-close"
connection note to shut down the connection quickly while still giving the
client a chance to receive the error message.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@923418 13f79535-47bb-0310-9956-ffa450edef68

modules/filters/mod_reqtimeout.c
server/connection.c

index ccb9ea18ee5df730cc50a51e46f98697562b8d39..0b7e3375c591497d2c664ce3f2cdb4a7d42bec14 100644 (file)
@@ -266,13 +266,12 @@ out:
         ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
                       "Request %s read timeout", ccfg->type);
         /*
-         * If we allow lingering close, the client may keep this
+         * If we allow a normal lingering close, the client may keep this
          * process/thread busy for another 30s (MAX_SECS_TO_LINGER).
-         * Therefore we have to abort the connection. The downside is
-         * that the client will most likely not receive the error
-         * message.
+         * Therefore we tell ap_lingering_close() to shorten this period to
+         * 2s (SECONDS_TO_LINGER).
          */
-        f->c->aborted = 1;
+        apr_table_setn(f->c->notes, "short-lingering-close", "1");
     }
     return rv;
 }
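Review bot: The note key `"short-lingering-close"` is a bare string literal in the `apr_table_setn()` call here and again in the `apr_table_get()` call in server/connection.c, so a misspelling on either side would silently restore the 30s linger this path is meant to avoid. A shared macro in a common header (name for the project to choose) would let the compiler check the contract between the two files and give the note a place to be documented for other modules. The new comment also hard-codes 2s and 30s next to constants defined elsewhere, so naming only `SECONDS_TO_LINGER` and `MAX_SECS_TO_LINGER` would keep it from going stale. The enclosing function starts outside the hunk.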
index 7de143128420fe912bc1316607bdf67bd215c1a3..8436ea06e37228ad5b2613407174b95916f2df1a 100644 (file)
@@ -152,8 +152,20 @@ AP_DECLARE(void) ap_lingering_close(conn_rec *c)
             break;
 
         if (timeup == 0) {
-            /* First time through; calculate now + 30 seconds. */
-            timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER);
+            /*
+             * First time through;
+             * calculate now + 30 seconds (MAX_SECS_TO_LINGER).
+             *
+             * If some module requested a shortened waiting period, only wait for
+             * 2s (SECONDS_TO_LINGER). This is useful for mitigating certain
+             * DoS attacks.
+             */
+            if (apr_table_get(c->notes, "short-lingering-close")) {
+                timeup = apr_time_now() + apr_time_from_sec(SECONDS_TO_LINGER);
+            }
+            else {
+                timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER);
+            }
             continue;
         }
     } while (apr_time_now() < timeup);
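Review bot: The `apr_table_get(c->notes, "short-lingering-close")` test checks only that the note exists, so any value, including `"0"`, selects the short period. The comment should say so, e.g. `If the "short-lingering-close" note is present (any value), wait only 2s (SECONDS_TO_LINGER).` The deadline is also set only when the loop first reaches this branch and is compared once per pass, so the real upper bound on how long a worker stays occupied depends on the read at the top of the loop, which is outside the hunk. If that read has its own timeout, the comment should state the resulting worst case, since this is the figure that matters for the DoS mitigation. `ap_lingering_close` starts and ends outside the hunk.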