From 27ebcfd418ed744425590254fa8ecca89213c8fe Mon Sep 17 00:00:00 2001 From: hotyue <52734432+hotyue@users.noreply.github.com> Date: Sat, 11 Apr 2026 00:34:53 +0000 Subject: [PATCH] =?UTF-8?q?security(agent):=20Webhook=20=E5=BC=95=E5=85=A5?= =?UTF-8?q?=20ThreadingMixIn=20=E5=8D=87=E7=BA=A7=E4=B8=BA=E5=A4=9A?= =?UTF-8?q?=E7=BA=BF=E7=A8=8B=E5=B9=B6=E5=8F=91=E6=A8=A1=E5=9E=8B=EF=BC=8C?= =?UTF-8?q?=E5=BD=BB=E5=BA=95=E5=85=8D=E7=96=AB=20Slowloris=20=E6=85=A2?= =?UTF-8?q?=E9=80=9F=E7=BD=91=E7=BB=9C=E8=80=97=E5=B0=BD=E6=94=BB=E5=87=BB?= =?UTF-8?q?=20(v3.0.3-part4)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/agent_daemon.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/core/agent_daemon.sh b/core/agent_daemon.sh index ca1df31..76deef9 100755 --- a/core/agent_daemon.sh +++ b/core/agent_daemon.sh @@ -1,7 +1,7 @@ #!/bin/bash # ========================================================== -# 脚本名称: agent_daemon.sh (受控节点 Webhook 守护进程 V2.0) +# 脚本名称: agent_daemon.sh (受控节点 Webhook 守护进程 V3.0.3) # 核心功能: 智能防打扰注册、进程自检、模块级路由分发(403拦截) # ========================================================== @@ -182,16 +182,18 @@ class AgentHandler(http.server.BaseHTTPRequestHandler): pass import socket -# [v3.0.1修复] 自定义支持双栈/IPv6的 Server 类 -class DualStackServer(socketserver.TCPServer): +# ================== [v3.0.3 变更: 引入多线程模型抵抗 Slowloris 攻击] ================== +class ThreadedDualStackServer(socketserver.ThreadingMixIn, socketserver.TCPServer): + allow_reuse_address = True # 开启端口复用,防止热重启时端口冲突 address_family = socket.AF_INET6 if socket.has_ipv6 else socket.AF_INET try: bind_addr = "::" if socket.has_ipv6 else "" - with DualStackServer((bind_addr, PORT), AgentHandler) as httpd: + with ThreadedDualStackServer((bind_addr, PORT), AgentHandler) as httpd: httpd.serve_forever() except Exception as e: sys.exit(1) +# ==================================================================================== EOF # --- [重点升级 3: 真正的静默后台启动] ---