lighty labs (https://redmine.lighttpd.net/), feed updated 2010-01-21T23:32:34Z

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6718
2010-01-21T23:32:34Z, stbuehler
<ul><li><strong>File</strong> <a href="/attachments/1088">fix-2147-in-1.4.x.patch</a> added</li></ul><p>So, I think I have a patch for 1.4.x:</p>
<ul>
<li>Remove ssl_error_want_reuse_buffer for SSL_read:<br /> Although the manual states we have to use the same arguments in the next call after SSL_ERROR_WANT_*, it has been running without this in 1.5 for a long time now.</li>
<li>As POST-data chunks get copied to the next queue, we reuse chunks there as well.</li>
</ul>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6719
2010-01-22T14:08:38Z, stbuehler
<ul><li><strong>File</strong> <i>slowclient.sh</i> added</li></ul><p>I wrote a small shell script which does a "slow" upload (testing with 60000 bytes of POST data, small header).<br />On 1.4.x the effect is not that bad ("only" a small factor of wasted memory), as the buffers were allocated with the ioctl FIONREAD size. On systems which don't support this it is probably worse (4k pages).<br />The above patch seems to have fixed that problem for 1.4.x. Didn't test SSL yet.</p>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6721
2010-01-22T17:47:08Z, stbuehler
<ul><li><strong>File</strong> <a href="/attachments/1091">fix-2147-in-1.4.x.patch</a> added</li><li><strong>File</strong> <a href="/attachments/1092">fix-2147-in-1.5.patch</a> added</li></ul><p>To test SSL I replaced <code>nc 127.0.0.1 8081</code> with <code>openssl s_client -connect 127.0.0.1:8443</code> in the shell script.<br />1.5 already has some improved request handling and will throw away POST-data for static files immediately.</p>
<p>Attached new fix for 1.4.x and fix for 1.5.</p>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6738
2010-01-29T18:31:14Z, stbuehler
<ul><li><strong>File</strong> <a href="/attachments/1097">fix-2147-in-1.5.patch</a> added</li></ul><p>Fix a bug in the patch for 1.5 (forgot to replace buffer_copy_string_len with buffer_append_string_len).</p>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6759
2010-02-01T15:32:21Z, stbuehler
<ul><li><strong>File</strong> deleted (<del><i>slowclient.sh</i></del>)</li></ul>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6760
2010-02-01T23:27:45Z, stbuehler
<ul><li><strong>Project</strong> changed from <i>2</i> to <i>Lighttpd</i></li></ul>

Lighttpd - Bug #2147: slow request dos/oom attack
https://redmine.lighttpd.net/issues/2147?journal_id=6761
2010-02-01T23:30:03Z, stbuehler
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Fixed</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset r2710.</p>