From: Dave B. <bla...@us...> - 2013-05-16 18:55:54
Update of /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv16851/src/org/sblim/cimclient/internal/util Modified Files: Tag: Experimental WBEMConfigurationDefaults.java WBEMConfiguration.java WBEMConstants.java Log Message: 2635 Slowloris DoS attack for CIM indication listener port Index: WBEMConfigurationDefaults.java =================================================================== RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConfigurationDefaults.java,v retrieving revision 1.11.2.24 retrieving revision 1.11.2.25 diff -u -d -r1.11.2.24 -r1.11.2.25 --- WBEMConfigurationDefaults.java 26 Mar 2013 17:25:44 -0000 1.11.2.24 +++ WBEMConfigurationDefaults.java 16 May 2013 18:55:51 -0000 1.11.2.25 @@ -39,6 +39,7 @@ * 3572993 2012-10-01 blaschke-oss parseDouble("2.2250738585072012e-308") DoS vulnerability * 3598613 2013-01-11 blaschke-oss different data type in cim instance and cim object path * 2628 2013-03-26 blaschke-oss Limit size of LinkedList of CIMEvents to be dispatched + * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port */ package org.sblim.cimclient.internal.util; 
@@ -230,6 +231,16 @@ public static final String LISTENER_HTTP_TIMEOUT = "10000"; /** + * LISTENER_HTTP_HEADER_TIMEOUT + */ + public static final String LISTENER_HTTP_HEADER_TIMEOUT = "30000"; + + /** + * LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS + */ + public static final String LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS = "0"; + + /** * LISTENER_MAX_POOL_SIZE */ public static final String LISTENER_MAX_POOL_SIZE = "8"; Index: WBEMConstants.java =================================================================== RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConstants.java,v retrieving revision 1.7.2.9 retrieving revision 1.7.2.10 diff -u -d -r1.7.2.9 -r1.7.2.10 --- WBEMConstants.java 23 Feb 2013 12:20:24 -0000 1.7.2.9 +++ WBEMConstants.java 16 May 2013 18:55:51 -0000 1.7.2.10 @@ -25,6 +25,7 @@ * 2882448 2009-10-21 blaschke-oss Add WBEMClientConstants from JSR48 * 3525138 2012-05-09 blaschke-oss Remove WBEMConstants.PROTOCOL_CIMXML * 2619 2013-02-22 blaschke-oss Host should contain port when not 5988/5989 + * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port */ package org.sblim.cimclient.internal.util; @@ -164,4 +165,9 @@ * Operating system name as found on z/OS */ public static final String Z_OS = "z/OS"; + + /** + * Exception message for indication sender potential DoS + */ + public static final String INDICATION_DOS_EXCEPTION_MESSAGE = "Indication sender taking too long, possible DoS underway?"; } Index: WBEMConfiguration.java =================================================================== RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConfiguration.java,v retrieving revision 1.17.2.37 retrieving revision 1.17.2.38 diff -u -d -r1.17.2.37 -r1.17.2.38 --- WBEMConfiguration.java 26 Mar 2013 17:25:44 -0000 1.17.2.37 +++ WBEMConfiguration.java 16 May 2013 18:55:51 -0000 1.17.2.38 
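Review bot: The Javadoc on the two new defaults in WBEMConfigurationDefaults.java only repeats the constant names, so neither the unit of `LISTENER_HTTP_HEADER_TIMEOUT = "30000"` nor the meaning of `LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS = "0"` is stated where an operator would look. The getter Javadoc added in WBEMConfiguration.java describes the second value as the maximum allowed timeouts before an IP is blocked, so a default of 0 presumably either leaves blocking switched off or blocks on the first timeout; which one applies is not visible here and should be written down, because it decides whether the Slowloris mitigation is active out of the box. I would replace the comments with something like `Maximum time (presumably milliseconds, as for LISTENER_HTTP_TIMEOUT) a client may take to send the complete HTTP header` and `Number of header timeouts tolerated from one IP before it is blocked; state explicitly what 0 means`. A sentence on why the header timeout default (30000) is longer than the existing `LISTENER_HTTP_TIMEOUT` default (10000) shown as context would also help whoever tunes these.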
@@ -47,6 +47,7 @@ * 3598613 2013-01-11 blaschke-oss different data type in cim instance and cim object path * 2618 2013-02-27 blaschke-oss Need to add property to disable weak cipher suites for the secure indication * 2628 2013-03-26 blaschke-oss Limit size of LinkedList of CIMEvents to be dispatched + * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port */ package org.sblim.cimclient.internal.util; @@ -965,6 +966,28 @@ } /** + * Returns the http header timeout for indication connection handlers + * + * @return The timeout + */ + public int getListenerHttpHeaderTimeout() { + return Integer.parseInt(getProperty( + WBEMConfigurationProperties.LISTENER_HTTP_HEADER_TIMEOUT, + WBEMConfigurationDefaults.LISTENER_HTTP_HEADER_TIMEOUT)); + } + + /** + * Returns the maximum allowed http timeouts before IP is blocked + * + * @return The maximum allowed timeouts + */ + public int getListenerMaxAllowedTimeouts() { + return Integer.parseInt(getProperty( + WBEMConfigurationProperties.LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS, + WBEMConfigurationDefaults.LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS)); + } + + /** * Returns the maximal pool size for indication connection handlers * * @return The maximal pool size |
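Review bot: In WBEMConfiguration.java both new getters, `getListenerHttpHeaderTimeout()` and `getListenerMaxAllowedTimeouts()`, pass the property string straight to `Integer.parseInt` with no range check, so a malformed value throws NumberFormatException and a negative value is handed unchanged to whatever enforces the limit. For settings that gate a DoS mitigation I would validate in the getter, e.g. `int t = Integer.parseInt(...); if (t < 0) throw new IllegalArgumentException("LISTENER_HTTP_HEADER_TIMEOUT must be >= 0: " + t);`, and state the unit and the meaning of 0 in the `@return` text. How the listener treats 0 or a negative timeout is outside this hunk, so confirm that before choosing between failing fast and falling back to the default. The second getter's name also drops the `Http` that its property `LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS` carries; `getListenerHttpMaxAllowedTimeouts()` would match the first getter and the constants.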