From e139abd5d017e390d65c4f6f7ce9c53fced12bd7 Mon Sep 17 00:00:00 2001
From: reyk <reyk@openbsd.org>
Date: Tue, 5 Aug 2014 16:30:35 +0000
Subject: [PATCH] Limit the number of (Keep-Alive) requests per connection to
 100. (Same default as in nginx and Apache).

---
 usr.sbin/httpd/httpd.h       | 3 ++-
 usr.sbin/httpd/server_http.c | 5 ++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/httpd/httpd.h b/usr.sbin/httpd/httpd.h
index 2692150b5a5..b99c7c2b634 100644
--- a/usr.sbin/httpd/httpd.h
+++ b/usr.sbin/httpd/httpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: httpd.h,v 1.44 2014/08/05 15:36:59 reyk Exp $	*/
+/*	$OpenBSD: httpd.h,v 1.45 2014/08/05 16:30:35 reyk Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -48,6 +48,7 @@
 #define SERVER_NUMPROC		3
 #define SERVER_MAXPROC		32
 #define SERVER_MAXHEADERLENGTH	8192
+#define SERVER_MAXREQUESTS	100	/* max requests per connection */
 #define SERVER_BACKLOG		10
 #define SERVER_OUTOF_FD_RETRIES	5
 
diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c
index 2132be6de5c..ed061947758 100644
--- a/usr.sbin/httpd/server_http.c
+++ b/usr.sbin/httpd/server_http.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: server_http.c,v 1.37 2014/08/05 14:36:10 deraadt Exp $	*/
+/*	$OpenBSD: server_http.c,v 1.38 2014/08/05 16:30:36 reyk Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -711,6 +711,9 @@ server_response(struct httpd *httpd, struct client *clt)
 			clt->clt_persist = 0;
 	}
 
+	if (clt->clt_persist >= SERVER_MAXREQUESTS)
+		clt->clt_persist = 0;
+
 	/*
 	 * Do we have a Host header and matching configuration?
 	 * XXX the Host can also appear in the URL path.
-- 
2.20.1