[mod_auth] close HTTP/2 connection after bad pass

mitigation slows down brute force password attacks x-ref: "Possible feature: authentication brute force hardening" https://redmine.lighttpd.net/boards/3/topics/8885
author: Glenn Strauss <gstrauss@gluelogic.com> 2021-02-06 08:29:41 -0500
committer: Glenn Strauss <gstrauss@gluelogic.com> 2021-02-06 08:29:41 -0500
commit: 4a600dabd5e2799bf0c3048859ee4f00808b7d89 (patch)
tree: 6b83af891955bc4126150a0fa28d2e5bd8e814ef /src/reqpool.c
parent: dc4ff14c1f245435d597b5caaba742534795a1e1 (diff)
download: lighttpd-git-4a600dabd5e2799bf0c3048859ee4f00808b7d89.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/reqpool.c b/src/reqpool.c
index 84229388..4ced1202 100644
--- a/src/reqpool.c
+++ b/src/reqpool.c
@@ -58,6 +58,7 @@ request_reset (request_st * const r)
     http_response_reset(r);
 
     r->loops_per_request = 0;
+    r->keep_alive = 0;
 
     r->h2state = 0; /* H2_STATE_IDLE */
     r->h2id = 0;
author	Glenn Strauss <gstrauss@gluelogic.com>	2021-02-06 08:29:41 -0500
committer	Glenn Strauss <gstrauss@gluelogic.com>	2021-02-06 08:29:41 -0500
commit	4a600dabd5e2799bf0c3048859ee4f00808b7d89 (patch)
tree	6b83af891955bc4126150a0fa28d2e5bd8e814ef /src/reqpool.c
parent	dc4ff14c1f245435d597b5caaba742534795a1e1 (diff)
download	lighttpd-git-4a600dabd5e2799bf0c3048859ee4f00808b7d89.tar.gz