
test OOM by slow read attack #618

Open
kingluo wants to merge 7 commits into master from jinhua/fix-1346-slow-read

Conversation

@kingluo (Contributor)

@kingluo kingluo commented Apr 25, 2024

part of #612

CVE-2019-9511 “Data Dribble”
CVE-2019-9517 “Internal Data Buffering”

Both attacks accumulate big responses from the backend which causes OOM.

The strange thing is, keepalive_timeout does not help, it does not reset or fin the TCP connection. For example, in “Internal Data Buffering”, the keepalive timer only stops the TCP retransmits from tempesta but does not reset the connection. I need to look into this more.

@kingluo (Contributor, Author)

kingluo commented Apr 26, 2024

There are two workarounds for this issue:

  1. keepalive_timeout will send a FIN, so the downstream connection will be closed after the timeout, and the large response body received from the upstream will be discarded, so OOM is avoided.

  2. set http_body_len frang limit.

But IMO, the perfect solution may be to support buffering: tempesta-tech/tempesta#498

I think it also fixes #1715.

@kingluo kingluo marked this pull request as ready for review May 6, 2024 13:12
@RomanBelozerov (Contributor)

@kingluo @krizhanovsky @const-t We should not use keepalive_timeout and http_body_len:

  1. http_body_len - an attacker can just request a resource with a body less than http_body_len and create a lot of streams/connections. And we cannot set a small value for this directive, and it works for a response/request at the same time.
  2. I think keepalive_timeout also won't help against these attacks. The attacker can consume a lot of memory in a few seconds in a lot of connections/streams. And we cannot set a small value for keepalive_timeout, right?

I think we should wait for #498 issue or make a temporary workaround.
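As an added illustration of the memory argument in the two comments above (example code written for this page, not part of Tempesta or of this PR's tests), the following Python model tracks proxy-side buffered bytes across many slow-reading streams under three policies: unbounded buffering, a per-response size cap in the spirit of http_body_len, and a global byte budget that stops pulling from the backend once it is full (the buffering/backpressure direction of #498). All response sizes, drain rates and tick counts are constructed values.

```python
from dataclasses import dataclass


@dataclass
class Stream:
    body_len: int       # size of the backend response for this stream
    buffered: int = 0   # bytes held by the proxy, not yet read downstream
    pulled: int = 0     # bytes already taken from the backend


def peak_buffered(bodies, drain, ticks, chunk, body_cap=None, budget=None):
    """Return the peak number of bytes the proxy holds across all streams.

    bodies:   backend response size per stream (one entry per stream)
    drain:    bytes each slow client accepts per tick; 1 byte/tick is enough
              to keep the connection "active", so an idle timer never fires
    chunk:    bytes the proxy pulls from the backend per stream per tick
    body_cap: reject responses larger than this (http_body_len-style limit);
              a client simply requests bodies just under the cap instead
    budget:   total bytes the proxy may buffer; when reached it stops pulling
              from the backend until clients drain (backpressure)
    """
    streams = [Stream(b) for b in bodies if body_cap is None or b <= body_cap]
    peak = 0
    for _ in range(ticks):
        # Slow clients drain a trickle from every stream.
        for s in streams:
            s.buffered = max(0, s.buffered - drain)
        # The proxy pulls more from the backend, subject to the policy.
        for s in streams:
            room = s.body_len - s.pulled
            if budget is not None:
                held = sum(x.buffered for x in streams)
                room = min(room, budget - held)
            take = max(0, min(chunk, room))
            s.pulled += take
            s.buffered += take
        peak = max(peak, sum(x.buffered for x in streams))
    return peak
```

With a per-response cap the attacker just asks for many bodies under the cap and reaches the same total; only the global budget bounds the proxy's memory, at the price of backpressure on the backend.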

@kingluo kingluo linked an issue Aug 12, 2024 that may be closed by this pull request
@RomanBelozerov RomanBelozerov marked this pull request as draft December 20, 2024 13:28
@RomanBelozerov RomanBelozerov self-assigned this Mar 11, 2026
@RomanBelozerov RomanBelozerov requested review from RomanBelozerov and removed request for RomanBelozerov March 11, 2026 13:27
@RomanBelozerov RomanBelozerov force-pushed the jinhua/fix-1346-slow-read branch from d3f7ce4 to f484e7e March 11, 2026 13:29
@RomanBelozerov RomanBelozerov marked this pull request as ready for review March 11, 2026 13:29
@RomanBelozerov RomanBelozerov force-pushed the jinhua/fix-1346-slow-read branch from c28e670 to 36e9d6f March 19, 2026 12:03


Development

Successfully merging this pull request may close these issues.

http2: tests for CVE-2019-9512/9517
