From c549f367c1caaf462280a8df2e9940f7f3a0a9d0 Mon Sep 17 00:00:00 2001
From: ed <s@ocv.me>
Date: Wed, 10 Jul 2024 11:14:42 +0200
Subject: [PATCH] reduce timeout of unbounded socket reads;

if a request body is expected, but request has no content-length,
set the timeout to 1/20 of `--s-tbody`, so 9 seconds by default,
or 3 seconds if it's 60 as recommended in helptext

this gives less confusing behavior if a client accidentally does
something invalid, replying with an error response before the
previous timeout of 186 seconds

also raise the slowloris flag, in case a client bugs out and
keeps making such requests
---
 copyparty/httpcli.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index 344e9466..47affc79 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -1678,6 +1678,8 @@ class HttpCli(object):
         remains = int(self.headers.get("content-length", -1))
         if remains == -1:
             self.keepalive = False
+            self.in_hdr_recv = True
+            self.s.settimeout(max(self.args.s_tbody // 20, 1))
             return read_socket_unbounded(self.sr, bufsz), remains
         else:
             return read_socket(self.sr, bufsz, remains), remains