[mod_gnutls-devel] libapache2-mod-gnutls: mod_gnutls consumes 100% cpu and possible DOS
Félix Arreola Rodríguez
amazon at gatuno.mx
Tue Jan 26 06:53:30 CET 2021
Hi
I came across this Debian Bug
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942737), after doing
heavy gdb debugging, I find out a problem between mod-gnutls and
mod-reqtimeout. The issue causes a possible DOS, because if you have and
empty TCP connection, and mod request timeout enabled, reqtimeout
generates APR_TIMEUP and this causes a loop inside mod-gnutls.
The long debug session is described here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942737#25
Steps to reproduce:
Enable apache2 with the modules mod-gnutls, and mod-reqtimeout. Setup a
reqtimeout like: RequestReadTimeout header=20-40,minrate=500 and open
an openssl s_client:
openssl s_client -connect IP:port
Don't send any data over the openssl connect. Just wait for the timeout
to happen. After the timeout, the CPU usage will increase. Also, you
can quit the openssl s_client and the apache process will be stuck in
the endless loop.
This bug is not found in 0.8.2, because it handles different the
APR_TIMEUP.
Thanks for reading.
--
Atte. Félix Arreola
More information about the mod_gnutls-devel
mailing list