lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080921220926.GA18569@fc6222126.aspadmin.net>
Date:	Sun, 21 Sep 2008 17:09:26 -0500
From:	lkml@...garu.com
To:	Alan Cox <alan@...rguk.ukuu.org.uk>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Honoring SO_RCVLOWAT in proto_ops.poll methods

On Sun, Sep 21, 2008 at 09:13:37PM +0100, Alan Cox wrote:
> Thats a gloriously insane way of trying to do HTTP/1.1, and one I'm not
> sure is actually viable in the real world because the TCP window may be
> smaller than the number of bytes required to find a Host: header - so you
> may simply not be able to receive it via MSG_PEEK. In particular mobile
> phone gateways have a nasty habit of using very small windows.
> 
> > I just don't see a good solution for what I'm doing other than MSG_PEEK
> > and SO_RCVLOWAT, any ideas?
> 
> I don't either, and while I don't agree that what you are doing for
> HTTP/1.1 is remotely sane there are probably other cases this would be
> both sane and useful which does suggest fixing it would be beneficial

I somewhat agree that it's insane, but it should be possible and what I've
done already works most of the time.  With some additional special handling
of the missing Host: case what I have might be a viable general case
solution.

For now httpx just drops the connection when Host: isn't found as it's a
work in progress.  I wanted to get this out there largely for you guys to
see "Hey maybe there's a practical need for MSG_PEEK & SO_RCVLOWAT behaving
differently than it does".  It seems to have been effective in this
respect and I am hugely appreciative of your attention, time, and input.
 
As a proof of concept httpx already has some people scratching their heads
because name-based vhosting can be a nightmare with the venerable Apache.  A
solution like mine could alleviate alot of that.  With some work and a way
to sleep on peek with a rcvbuf < rcvlowat there might be something quite
interesting for the web hosting world.

Cheers,
Vito Caputo


--------------------------------------------------------------------------------
For those of you on the list:  I had replied to Alan directly but since
Alan CC'd the list in his response I've continued with that format.  For
those of you in the dark, httpx is my insane app using the MSG_PEEK and
SO_RCVLOWAT being referred to above, you can find it here:
http://serverkit.org/modules/httpx/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ