sniproxy icon indicating copy to clipboard operation
sniproxy copied to clipboard

Published 20 hours ago verified publisher icon dlundquist

exceeded 4096 byte buffer size

Open cronnelly opened this issue 2 years ago • 2 comments

Hi,

I found an instance of sniproxy which I run (0.6.0; Ubuntu 22.04) was occasionally failing to proxy TLS requests. In the logs I found lines like the following:

2022-05-12 15:20:54 Request from [::ffff:xx.xx.xx.xxx]:46600 exceeded 4096 byte buffer size

Working on the guess that these requests perhaps have very large HTTP headers, I replaced 4096 with 8192 throughout the codebase, and recompiled sniproxy. Since then, this issue has not reoccurred.

Perhaps this value could be tuneable in the config?

Many thanks!

cronnelly avatar May 12 '22 18:05 cronnelly

Hi, Why did you choose 8192? Header max size is somewhat different between web servers:

Web Server Size Limit Apache 8K Nginx 4K-8K IIS 8K-16K Tomcat 8K – 48K

renaudallard avatar May 13 '22 14:05 renaudallard

Hi @renaudallard,

I work with Varnish Cache a lot, which also has an 8K default header limit. So chose that as a figure to test with.

However I didn't really put any more thought into it than that!

cronnelly avatar Jun 16 '22 12:06 cronnelly