Set timeout for client socket (slow client DoS).

2026-01-14 11:09:11 +08:00 · 2012-09-07 17:08:28 +04:00 · 2012-09-07 17:08:28 +04:00 · aa22115cfc
commit aa22115cfc
parent 75933bae81
3 changed files with 13 additions and 0 deletions
--- a/gunicorn/workers/async.py
+++ b/gunicorn/workers/async.py
@ -28,6 +28,7 @@ class AsyncWorker(base.Worker):
    def handle(self, client, addr):
        req = None
        try:
            client.settimeout(self.cfg.timeout)
            parser = http.RequestParser(self.cfg, client)
            try:
                if not self.cfg.keepalive:
@ -46,8 +47,12 @@ class AsyncWorker(base.Worker):
                self.log.debug("Ignored premature client disconnection. %s", e)
            except StopIteration, e:
                self.log.debug("Closing connection. %s", e)
            except socket.error:
                raise # pass to next try-except level
            except Exception, e:
                self.handle_error(req, client, addr, e)
        except socket.timeout as e:
            self.handle_error(req, client, addr, e)
        except socket.error, e:
            if e[0] not in (errno.EPIPE, errno.ECONNRESET):
                self.log.exception("Socket error processing request.")
--- a/gunicorn/workers/base.py
+++ b/gunicorn/workers/base.py
@ -8,6 +8,7 @@ import os
 import signal
 import sys
 import traceback
 import socket
 from gunicorn import util
@ -155,6 +156,10 @@ class Worker(object):
                                     error=str(exc),
                                    )
                          )
        elif isinstance(exc, socket.timeout):
            status_int = 408
            reason = "Request Timeout"
            mesg = "<p>The server timed out handling for the request</p>"
        else:
            self.log.exception("Error handling request")
--- a/gunicorn/workers/sync.py
+++ b/gunicorn/workers/sync.py
@ -67,6 +67,7 @@ class SyncWorker(base.Worker):
    def handle(self, client, addr):
        req = None
        try:
            client.settimeout(self.cfg.timeout)
            parser = http.RequestParser(self.cfg, client)
            req = parser.next()
            self.handle_request(req, client, addr)
@ -74,6 +75,8 @@ class SyncWorker(base.Worker):
            self.log.debug("Ignored premature client disconnection. %s", e)
        except StopIteration, e:
            self.log.debug("Closing connection. %s", e)
        except socket.timeout as e:
            self.handle_error(req, client, addr, e)
        except socket.error, e:
            if e[0] != errno.EPIPE:
                self.log.exception("Error processing request.")