[7644] in bugtraq

Re: Apache DoS Attack

daemon@ATHENA.MIT.EDU (Dean Gaudet)
Wed Aug 12 19:27:01 1998

Date: 	Wed, 12 Aug 1998 15:37:59 -0700
Reply-To: Dean Gaudet <dgaudet-list-bugtraq@ARCTIC.ORG>
From: Dean Gaudet <dgaudet-list-bugtraq@ARCTIC.ORG>
X-To:         Pim van Riezen <pim@WEBCITY.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <35D11E9F.CB5DBB4B@webcity.nl>

On Tue, 11 Aug 1998, Pim van Riezen wrote:

> Is there any good reason for any of these programs to merge headers
> internally in the first place?

The HTTP standard requires semantic equivalence between merged and
unmerged forms of the headers.  See RFC2068, section 4.2.  So yeah, you
have to think about this problem if you intend to implement the
protocol...  there's a few other things in the standard you should
consider too ;)  You'll run into it rather fast, I believe some versions
of Lynx send several "Accept" headers.

Apache treats headers as a single string, and it merges them as it's
allowed to.  The merge was O(n^2) space.  It's O(n*lg(n)) time, O(n) space
in our current development version.

An alternative is to preparse the headers and use a linked list.  This
would be a large change to the Apache API, and won't be attempted in the
1.x timeframe.

Dean
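
[Added example, not part of Dean Gaudet's message and not Apache's code.] The C sketch below compares the space cost of merging repeated header values one at a time with measuring first and allocating once. It assumes an arena-style allocator in which earlier copies stay allocated until the request ends; the function names `naive_merge_bytes` and `merge_once` are hypothetical, and the input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes an arena (nothing freed until the request ends) would hold if each
 * repeated header is merged by allocating old + ", " + new as a new string.
 * Assumption: this arena model is illustrative, not Apache's actual code. */
size_t naive_merge_bytes(const char **vals, size_t n)
{
    size_t arena = 0, cur = 0;
    for (size_t i = 0; i < n; i++) {
        cur = (i == 0) ? strlen(vals[i]) : cur + 2 + strlen(vals[i]);
        arena += cur + 1;           /* new copy; earlier copies stay allocated */
    }
    return arena;
}

/* Single-allocation merge: measure first, then copy once. Returns a malloc'd
 * string "v1, v2, ..." and stores the bytes allocated in *bytes. */
char *merge_once(const char **vals, size_t n, size_t *bytes)
{
    size_t total = 1;               /* terminating NUL */
    for (size_t i = 0; i < n; i++)
        total += strlen(vals[i]) + (i ? 2 : 0);
    char *out = malloc(total), *p = out;
    if (!out) return NULL;
    for (size_t i = 0; i < n; i++) {
        if (i) { memcpy(p, ", ", 2); p += 2; }
        size_t len = strlen(vals[i]);
        memcpy(p, vals[i], len); p += len;
    }
    *p = '\0';
    *bytes = total;
    return out;
}

int main(void)
{
    enum { N = 1000 };              /* constructed input: one value repeated */
    const char *vals[N];
    for (size_t i = 0; i < N; i++) vals[i] = "a";
    size_t once = 0;
    char *m = merge_once(vals, N, &once);
    if (!m) return 1;
    printf("naive arena bytes: %zu, single-pass bytes: %zu\n",
           naive_merge_bytes(vals, N), once);
    free(m);
    return 0;
}
```

The single-allocation variant covers one header name only; it shows the O(n) space bound and does not reproduce the O(n*lg(n)) time merge mentioned in the message.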