slow-lorris-protection

2025-03-16 08:29:02 +00:00 · 2017-11-24 00:09:43 +01:00 · 2017-11-24 00:09:43 +01:00 · d96fb0fbe9
commit d96fb0fbe9
parent 11fa3190da
1 changed files with 35 additions and 0 deletions
--- a/response.sh
+++ b/response.sh
@ -19,6 +19,38 @@ server[requestTime]="$(date +%s)"
 server[requestTimeFloat]="$(($(date +%s%N)/1000))"
 server[requestTimeReadable]="$(date --rfc-3339=ns)"

+requestTimeout() {
+	echo "$(date --rfc-3339=ns) - ${server[remoteAddress]}:${server[remotePort]} - Error: request timeout" 1>&2
+	
+	content="408 Request Timeout
+The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time
+"
+	status=408
+
+	length=$(printf "%s" "$content" | wc -c)
+
+	echo -en "HTTP/1.1 $status $(./statusString.sh $status)\r\n"
+	echo -en "Content-Length: $length\r\n"
+	echo -en "Content-Type: text/plain\r\n"
+	echo -en "\r\n"
+	printf "%s" "$content"
+
+	exit 1
+}
+
+trap requestTimeout SIGUSR1
+
+headerTimeout=10
+set +bm
+headerTimer() {
+	pid=$1
+	timeout=$2
+	sleep $2
+	kill -USR1 $pid
+}
+headerTimer $$ $headerTimeout &
+headerTimerPid=$!
+
 declare -A headers
 first=1
 while true; do
@ -42,6 +74,9 @@ while true; do
 	headers[$(echo $header | awk -F: '{ print $1}')]="$(echo "$header" | awk '{for (i=2; i<=NF; i++) print $i}')"
 done

+kill -TERM $headerTimerPid 
+wait $headerTimerPid 2> /dev/null
+
 if test "$first" = 1; then
 	# wut?
 	echo "$(date --rfc-3339=ns) - ${server[remoteAddress]}:${server[remotePort]} - Error: Malformed HTTP request; ignoring" 1>&2