Bug 1213967

Summary: Upstream Bug 51103 - mod_reqtimeout does not drop connection and return 408
Product: Red Hat Enterprise Linux 6
Reporter: Coty Sutherland <csutherl>
Component: httpd
Assignee: Luboš Uhliarik <luhliari>
Status: CLOSED ERRATA
QA Contact: Petr Šplíchal <psplicha>
Severity: medium
Priority: unspecified
Version: 6.6
CC: dkutalek, jkaluza, jorton, mfrodl, ohudlick
Target Milestone: rc
Hardware: All
OS: Linux
Fixed In Version: httpd-2.2.15-48.el6
Doc Type: Bug Fix
Type: Bug
Last Closed: 2016-05-10 21:36:18 UTC
Bug Blocks: 1172231, 1269913

Description Coty Sutherland 2015-04-21 16:18:17 UTC
Description of problem:
The mod_reqtimeout module is not dropping connections and returning 408 when dealing with "slow http header" or "slow http body" requests.  Instead, it is either truncating the request and handling it, or dropping the request with a 400 status code.

Version-Release number of selected component (if applicable):
httpd-2.2.15

How reproducible:
Every time you use the test steps below.

Steps to Reproduce:
1. Launch a slow-post attack using the OWASP HTTP DoS tool (http://code.google.com/p/owasp-dos-http-post/downloads/list)
http_dos_cli --host 1.2.3.4 --port 80 --path /server-status --slow-post --post-field j_username --connections 1000 --rate 1000 --timeout 5
2. Sniff network traffic using Wireshark, observe requests being truncated and handled, resulting in a 200 return code.

Actual results:
Request is dropped and a 400 status code is returned OR request is truncated and handled normally.

Expected results:
Request is dropped and a 408 status code is returned.

Additional info:
These steps are straight from the upstream BZ.
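The behaviour the report expects, as an added example (this is not code from the bug, from httpd or from mod_reqtimeout): a small Python server that enforces a header read deadline and a body read deadline the way RequestReadTimeout is meant to, answering 408 and dropping the connection when the client stalls, next to a mode that mimics the "truncated and handled normally" (200) outcome described above. A client that sends part of a request and then stalls, as the OWASP slow-post tool does, exercises both. The one-second timeouts, the request text and the loopback ports are assumptions for the demo; the real directive would be along the lines of RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500, and the server here is a simplification, not httpd's request parser.

```python
# Added example, not from the bug report or from httpd: a mod_reqtimeout-style
# read-deadline server plus a slow client, runnable offline on loopback.
import socket
import threading
import time

HEADER_TIMEOUT = 1.0  # seconds to receive the whole request header (assumed value)
BODY_TIMEOUT = 1.0    # seconds to receive the whole body (assumed value)


def _recv_until(conn, buf, done, deadline):
    """Read into buf until done(buf) holds or the deadline passes.

    Raises socket.timeout when the deadline passes (the 408 case) and
    ConnectionError if the peer closes before the request is complete (400).
    """
    while not done(buf):
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise socket.timeout("read deadline passed")
        conn.settimeout(remaining)
        chunk = conn.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed before the request was complete")
        buf += chunk
    return buf


def _reply(conn, status, body=b""):
    try:
        conn.sendall(b"HTTP/1.1 %s\r\nContent-Length: %d\r\nConnection: close\r\n\r\n%s"
                     % (status, len(body), body))
    except OSError:
        pass  # peer already gone; nothing more to do


def handle(conn, fixed=True):
    """Serve one connection and close it.

    fixed=True is what the report expects: a stalled header or body gets 408 and
    the connection is dropped.  fixed=False mimics the observed behaviour for a
    stalled body: the truncated request is handled normally and answered 200.
    """
    try:
        buf = _recv_until(conn, b"", lambda b: b"\r\n\r\n" in b,
                          time.monotonic() + HEADER_TIMEOUT)
        head, _, body = buf.partition(b"\r\n\r\n")
        length = 0
        for line in head.split(b"\r\n")[1:]:
            name, _, value = line.partition(b":")
            if name.strip().lower() == b"content-length":
                length = int(value.strip())
        try:
            body = _recv_until(conn, body, lambda b: len(b) >= length,
                               time.monotonic() + BODY_TIMEOUT)
        except socket.timeout:
            if fixed:
                raise
            # unfixed behaviour: fall through and handle whatever body arrived
        _reply(conn, b"200 OK", b"got %d body bytes\n" % len(body))
    except socket.timeout:
        _reply(conn, b"408 Request Timeout")
    except (ConnectionError, ValueError):
        _reply(conn, b"400 Bad Request")
    finally:
        conn.close()


def start_server(fixed=True):
    """Listen on an ephemeral loopback port in a daemon thread; return the port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)

    def loop():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn, fixed), daemon=True).start()

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]


def send_and_stall(port, data):
    """Send data (possibly an incomplete request), then stall and wait for the
    server's verdict, as a slow-header / slow-body client does.  Returns the
    HTTP status code, or None if the server dropped us without replying."""
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.settimeout(5 * HEADER_TIMEOUT)  # safety margin well above the server deadlines
        s.sendall(data)
        reply = b""
        try:
            while True:
                chunk = s.recv(4096)
                if not chunk:
                    break
                reply += chunk
        except OSError:
            pass
    return int(reply.split(b" ")[1]) if reply.startswith(b"HTTP/1.1 ") else None


def demo():
    """Constructed requests against a fixed and an unfixed server."""
    fixed, unfixed = start_server(fixed=True), start_server(fixed=False)
    full = (b"POST /server-status HTTP/1.1\r\nHost: localhost\r\n"
            b"Content-Length: 10\r\n\r\n0123456789")
    slow_header = b"POST /server-status HTTP/1.1\r\nHost: localhost\r\n"
    slow_body = full[:-9]  # complete header, one byte of a ten-byte body
    return {
        "fixed_complete": send_and_stall(fixed, full),          # 200
        "fixed_slow_header": send_and_stall(fixed, slow_header),  # 408
        "fixed_slow_body": send_and_stall(fixed, slow_body),      # 408
        "unfixed_slow_body": send_and_stall(unfixed, slow_body),  # 200: truncated and handled
    }


if __name__ == "__main__":
    print(demo())
```

Running it prints the four outcomes; only the stalled-body case differs between the two servers, and that 200 on a truncated request is what the report describes seeing in Wireshark. Against a real httpd the same send_and_stall client can be pointed at port 80 to confirm that the fixed package answers 408 and closes the socket.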

Comment 9 errata-xmlrpc 2016-05-10 21:36:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0841.html