Hello, Upon some initial testing of the patch we have found some conditions to which this will still break, consider the following:
Put something like this into your php file,
for ($i = 1; $i <= 2000; $i++) {
header("x$i: $i");
}
Set your rate limit pretty low and it will cause the headers to be larger than
the chunk size,
and you will see an error with those responses such as this:
curl -H'Host: cptestaddon.com' http://10.215.218.12/
curl: (56) Illegal or missing hexadecimal sequence in chunked-encoding
which of course means the page doesn’t load.
Real world how often is it set that low is unknown but thought we’d share our
findings.
Cory
> On Jul 19, 2018, at 2:53 PM, Cory McIntire <[email protected]> wrote:
>
> Hello Yann,
>
> We can confirm this patch works on our end. We’ll apply this and send out an
> update.
>
>> On Jul 19, 2018, at 2:41 PM, Yann Ylavic <[email protected]> wrote:
>>
>> On Thu, Jul 19, 2018 at 8:23 PM, Luca Toscano <[email protected]> wrote:
>>>
>>> Yann, any idea?
>>
>> Looks like we missed the simplest case :/
>>
>> Index: modules/filters/mod_ratelimit.c
>> ===================================================================
>> --- modules/filters/mod_ratelimit.c (revision 1835556)
>> +++ modules/filters/mod_ratelimit.c (working copy)
>> @@ -208,7 +208,7 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_briga
>> ap_remove_output_filter(f);
>> }
>> else if (!APR_BUCKET_IS_FLUSH(e)) {
>> - if (APR_BRIGADE_EMPTY(bb)) {
>> + if (ctx->do_sleep && APR_BRIGADE_EMPTY(bb)) {
>> /* Wait for more (or next call) */
>> break;
>> }
>> _
>
> Much appreciated,
> Cory
>
smime.p7s
Description: S/MIME cryptographic signature
