drop one of the slowloris detectors

2025-08-17 09:02:15 -06:00 · 2022-12-02 17:53:23 +00:00 · 2022-12-02 17:53:23 +00:00 · 7c76d08958
parent 89c9f45fd0
commit 7c76d08958
6 changed files with 9 additions and 28 deletions
--- a/copyparty/main.py
+++ b/copyparty/main.py
@ -749,8 +749,7 @@ def run_argparse(
    ap2.add_argument("--ban-pw", metavar="N,W,B", type=u, default="9,60,1440", help="more than \033[33mN\033[0m wrong passwords in \033[33mW\033[0m minutes = ban for \033[33mB\033[0m minutes; disable with [\033[32mno\033[0m]")
    ap2.add_argument("--ban-404", metavar="N,W,B", type=u, default="no", help="hitting more than \033[33mN\033[0m 404's in \033[33mW\033[0m minutes = ban for \033[33mB\033[0m minutes (disabled by default since turbo-up2k counts as 404s)")
    ap2.add_argument("--aclose", metavar="MIN", type=int, default=10, help="if a client maxes out the server connection limit, downgrade it from connection:keep-alive to connection:close for MIN minutes (and also kill its active connections) -- disable with 0")
-    ap2.add_argument("--loris1", metavar="W,B", type=u, default="60,60", help="if a client takes more than W seconds to finish sending headers, ban it for B minutes; disable with [\033[32mno\033[0m]")
-    ap2.add_argument("--loris2", metavar="B", type=int, default=60, help="if a client maxes out the server connection limit without sending headers, ban it for B minutes; disable with [\033[32m0\033[0m]")
+    ap2.add_argument("--loris", metavar="B", type=int, default=60, help="if a client maxes out the server connection limit without sending headers, ban it for B minutes; disable with [\033[32m0\033[0m]")

    ap2 = ap.add_argument_group('shutdown options')
    ap2.add_argument("--ign-ebind", action="store_true", help="continue running even if it's impossible to listen on some of the requested endpoints")
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@ -38,7 +38,6 @@ from .util import (
    META_NOBOTS,
    MultipartParser,
    Pebkac,
-    Slowloris,
    UnrecvEOF,
    alltrace,
    atomic_move,
@ -213,7 +212,7 @@ class HttpCli(object):

        try:
            self.s.settimeout(2)
-            headerlines = read_header(self.sr, self.args.loris1w)
+            headerlines = read_header(self.sr)
            self.in_hdr_recv = False
            if not headerlines:
                return False
@ -245,13 +244,6 @@ class HttpCli(object):
            self.loud_reply(unicode(ex), status=ex.code, headers=h, volsan=True)
            return self.keepalive

-        except Slowloris:
-            ip = ipnorm(self.ip)
-            self.conn.bans[ip] = int(time.time() + self.args.loris1b * 60)
-            t = "slowloris (infinite-headers): {} banned for {} min"
-            self.log(t.format(ip, self.args.loris1b), 1)
-            return False
-
        self.ua = self.headers.get("user-agent", "")
        self.is_rclone = self.ua.startswith("rclone/")
        self.is_ancient = self.ua.startswith("Mozilla/4.")
--- a/copyparty/httpsrv.py
+++ b/copyparty/httpsrv.py
@ -266,8 +266,8 @@ class HttpSrv(object):
                    continue

                t = "slowloris (idle-conn): {} banned for {} min"
-                self.log(self.name, t.format(ip, self.args.loris2, nclose), 1)
-                self.bans[ip] = int(time.time() + self.args.loris2 * 60)
+                self.log(self.name, t.format(ip, self.args.loris, nclose), 1)
+                self.bans[ip] = int(time.time() + self.args.loris * 60)

            if self.args.log_conn:
                self.log(self.name, "|%sC-acc1" % ("-" * 2,), c="90")
--- a/copyparty/svchub.py
+++ b/copyparty/svchub.py
@ -290,12 +290,6 @@ class SvcHub(object):

    def _process_config(self) -> bool:
        al = self.args
-        if al.loris1 == "no":
-            al.loris1 = "0,0"
-
-        i1, i2 = al.loris1.split(",")
-        al.loris1w = int(i1)
-        al.loris1b = int(i2)

        al.zm_on = al.zm_on or al.z_on
        al.zs_on = al.zs_on or al.z_on
--- a/copyparty/util.py
+++ b/copyparty/util.py
@ -1253,7 +1253,7 @@ class MultipartParser(object):
        rfc1341/rfc1521/rfc2047/rfc2231/rfc2388/rfc6266/the-real-world
        (only the fallback non-js uploader relies on these filenames)
        """
-        for ln in read_header(self.sr, 0):
+        for ln in read_header(self.sr):
            self.log(ln)

            m = self.re_ctype.match(ln)
@ -1453,12 +1453,12 @@ def get_boundary(headers: dict[str, str]) -> str:
    return m.group(2)


-def read_header(sr: Unrecv, loris: int) -> list[str]:
+def read_header(sr: Unrecv) -> list[str]:
    t0 = time.time()
    ret = b""
    while True:
-        if loris and time.time() - t0 > loris:
-            raise Slowloris()
+        if time.time() - t0 > 120:
+            return []

        try:
            ret += sr.recv(1024)
@ -2541,7 +2541,3 @@ class Pebkac(Exception):

    def __repr__(self) -> str:
        return "Pebkac({}, {})".format(self.code, repr(self.args))
-
-
-class Slowloris(Exception):
-    pass
--- a/tests/util.py
+++ b/tests/util.py
@ -107,7 +107,7 @@ class Cfg(Namespace):
        ex = "css_browser hist js_browser no_hash no_idx no_forget"
        ka.update(**{k: None for k in ex.split()})

-        ex = "re_maxage rproxy rsp_slp s_wr_slp theme themes turbo df loris1w loris1b loris2"
+        ex = "re_maxage rproxy rsp_slp s_wr_slp theme themes turbo df loris"
        ka.update(**{k: 0 for k in ex.split()})

        ex = "doctitle favico html_head mth textfiles log_fk"