Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop client connections on response blocking #962

Closed
krizhanovsky opened this issue Mar 19, 2018 · 0 comments
Closed

Drop client connections on response blocking #962

krizhanovsky opened this issue Mar 19, 2018 · 0 comments
Assignees
@vankoven
Labels
bug
Milestone
0.6 Tempesta TLS

Comments

@krizhanovsky
Copy link
Contributor

The issue is based on the comment #960 (review) : if tfw_http_resp_process() falls to bad_msg label, then the error/attack treatment is delegated to tfw_http_srv_error_resp_and_log(). If error responses are configured (reply parameter is true), them everything is fine. However, if we just block the response (reply is false), then current request and responses are just dropped and we continue to process next client requests. This way we break request-response sequence which we must not do.

If we block a response (as well as request), then we have to terminate client connection in respect to pipelined requests.
@krizhanovsky krizhanovsky added this to the 0.6 KTLS milestone Mar 19, 2018
This was referenced Mar 19, 2018
Open
Merged
@aleksostapenko aleksostapenko mentioned this issue Jul 27, 2018
Merged
@vankoven vankoven mentioned this issue Sep 25, 2018
Closed
vankoven added a commit that referenced this issue Dec 21, 2018
@vankoven
If error on request processing happen, don't close connection immedia…
50e73a5 
…tely, serve all pending requests first

Fix #962
@vankoven vankoven mentioned this issue Dec 21, 2018
Merged
vankoven added a commit that referenced this issue Jan 17, 2019
@vankoven
If error on request processing happen, don't close connection immedia…
9054c56 
…tely, serve all pending requests first

Fix #962
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vankoven vankoven

Labels
bug
Projects
None yet
Milestone
0.6 Tempesta TLS
Development

Successfully merging a pull request may close this issue.

Streaming mode of operation. Part I: request streaming tempesta-tech/tempesta
3 participants
@krizhanovsky @vankoven @aleksostapenko