From e99d725e76e7940fd9c0850b6c15d8bc9dd7115c Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Tue, 15 Aug 2017 08:06:32 +0800
Subject: [PATCH] ah: reuse at end of transaction has no timeout

If we complete a transaction but end up keeping the ah, we must force
a timeout on it.  Otherwise a bad bot could keep the socket open and
exhaust the ah pool.
---
 lib/server.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lib/server.c b/lib/server.c
index b1927c32..62b49de4 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -1744,8 +1744,17 @@ lws_http_transaction_completed(struct lws *wsi)
 		if (!wsi->more_rx_waiting) {
 			wsi->u.hdr.ah->rxpos = wsi->u.hdr.ah->rxlen;
 			lws_header_table_detach(wsi, 1);
-		} else
+		} else {
 			lws_header_table_reset(wsi, 1);
+			/*
+			 * If we kept the ah, we should restrict the amount
+			 * of time we are willing to keep it.  Otherwise it
+			 * will be bound the whole time the connection remains
+			 * open.
+			 */
+			lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE,
+					wsi->vhost->keepalive_timeout);
+		}
 	}
 
 	/* If we're (re)starting on headers, need other implied init */
-- 
GitLab