fix(honeypot/naive): cap r9k delay to one second
Otherwise this can get unbounded, which can cause problems with lesser HTTP proxies such as Apache. Ref: AWOO-002 Signed-off-by: Xe Iaso <me@xeiaso.net>
@@ -30,6 +30,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||||||
- Add config option to add ASN to logs/metrics.
|
- Add config option to add ASN to logs/metrics.
|
||||||
- Log weight when issuing challenge.
|
- Log weight when issuing challenge.
|
||||||
- Gate pprof endpoints behind `metrics.debug` in the policy file.
|
- Gate pprof endpoints behind `metrics.debug` in the policy file.
|
||||||
|
- Limit naive honeypot r9k delay to one second.
|
||||||
- Fix `path_regex` and CEL `path` rules not matching when using Traefik `forwardAuth` middleware. Anubis now checks `X-Forwarded-Uri` (Traefik) in addition to `X-Original-URI` (nginx) when resolving the request path in subrequest mode ([#1628](https://github.com/TecharoHQ/anubis/issues/1628)).
|
- Fix `path_regex` and CEL `path` rules not matching when using Traefik `forwardAuth` middleware. Anubis now checks `X-Forwarded-Uri` (Traefik) in addition to `X-Original-URI` (nginx) when resolving the request path in subrequest mode ([#1628](https://github.com/TecharoHQ/anubis/issues/1628)).
|
||||||
|
|
||||||
## v1.25.0: Necron
|
## v1.25.0: Necron
|
||||||
|
|||||||
@@ -169,7 +169,7 @@ func (i *Impl) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
millisecondAmount := math.Pow(float64(networkCount), 2)
|
millisecondAmount := min(math.Pow(float64(networkCount), 2), 1000)
|
||||||
time.Sleep(time.Duration(millisecondAmount) * time.Millisecond)
|
time.Sleep(time.Duration(millisecondAmount) * time.Millisecond)
|
||||||
|
|
||||||
spins := i.makeSpins()
|
spins := i.makeSpins()
|
||||||
|
|||||||
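Review bot: The capped delay on the `time.Sleep` line still ignores request cancellation, so a client that disconnects immediately keeps its handler goroutine parked for up to the full second. Under a burst of honeypot hits that cost falls on the server rather than on the crawler. Waiting on a timer together with `r.Context().Done()` would release the goroutine as soon as the connection goes away. The literal `1000` would also read better as a named constant with a comment pointing at AWOO-002, since the reason for the ceiling is otherwise recorded only in the commit message. ServeHTTP starts and ends outside the hunk, so check the full function for any cleanup an early return would need.

```go
millisecondAmount := min(math.Pow(float64(networkCount), 2), 1000)
// Stop waiting as soon as the client goes away instead of sleeping out the full delay.
select {
case <-time.After(time.Duration(millisecondAmount) * time.Millisecond):
case <-r.Context().Done():
	return
}
// … unchanged: spins := i.makeSpins() and the rest of ServeHTTP …
```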