From: Dave B. <bla...@us...> - 2013-08-21 10:14:38
|
Update of /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv7383/src/org/sblim/cimclient/internal/util Modified Files: Tag: CIM_CLIENT_2_1_4_M WBEMConstants.java WBEMConfigurationDefaults.java WBEMConfiguration.java Log Message: 2635 Slowloris DoS attack for CIM indication listener port
Index: WBEMConfigurationDefaults.java
===================================================================
RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConfigurationDefaults.java,v
retrieving revision 1.21.2.1
retrieving revision 1.21.2.2
diff -u -d -r1.21.2.1 -r1.21.2.2
--- WBEMConfigurationDefaults.java 16 Mar 2010 00:49:26 -0000 1.21.2.1
+++ WBEMConfigurationDefaults.java 21 Aug 2013 10:14:35 -0000 1.21.2.2
@@ -1,7 +1,7 @@
 /**
 * WBEMConfigurationDefaults.java
 *
- * (C) Copyright IBM Corp. 2006, 2010
+ * (C) Copyright IBM Corp. 2006, 2013
 *
 * THIS FILE IS PROVIDED UNDER THE TERMS OF THE ECLIPSE PUBLIC LICENSE
 * ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THIS FILE
@@ -27,6 +27,7 @@
 * 2884718 2009-10-23 blaschke-oss Merge JSR48 and SBLIM client properties
 * 2930341 2010-01-12 blaschke-oss Sync up WBEMClientConstants with JSR48 1.0.0
 * 2970881 2010-03-15 blaschke-oss Add property to control EmbeddedObject case
+ * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port
 */
 package org.sblim.cimclient.internal.util;
@@ -208,6 +209,16 @@
 public static final String LISTENER_HTTP_TIMEOUT = "10000";
 /**
+ * LISTENER_HTTP_HEADER_TIMEOUT
+ */
+ public static final String LISTENER_HTTP_HEADER_TIMEOUT = "30000";
+
+ /**
+ * LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS
+ */
+ public static final String LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS = "0";
+
+ /**
 * LISTENER_MAX_POOL_SIZE
 */
 public static final String LISTENER_MAX_POOL_SIZE = "8";
Index: WBEMConstants.java
===================================================================
RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConstants.java,v
retrieving revision 1.14
retrieving revision 1.14.4.1
diff -u -d -r1.14 -r1.14.4.1
--- WBEMConstants.java 17 Nov 2009 19:39:34 -0000 1.14
+++ WBEMConstants.java 21 Aug 2013 10:14:35 -0000 1.14.4.1
@@ -1,7 +1,7 @@
 /**
 * CIMClientConstants.java
 *
- * (C) Copyright IBM Corp. 2006, 2009
+ * (C) Copyright IBM Corp. 2006, 2013
 *
 * THIS FILE IS PROVIDED UNDER THE TERMS OF THE ECLIPSE PUBLIC LICENSE
 * ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THIS FILE
@@ -23,6 +23,7 @@
 * 2524131 2009-01-21 raman_arora Upgrade client to JDK 1.5 (Phase 1)
 * 2763216 2009-04-14 blaschke-oss Code cleanup: visible spelling/grammar errors
 * 2882448 2009-10-21 blaschke-oss Add WBEMClientConstants from JSR48
+ * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port
 */
 package org.sblim.cimclient.internal.util;
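Review bot: The Javadoc added for `LISTENER_HTTP_HEADER_TIMEOUT` and `LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS` in WBEMConfigurationDefaults.java only repeats the constant name, so neither the unit of "30000" nor the meaning of "0" is stated. If "0" means that no sender IP is ever blocked (an inference; the consuming code is not part of this diff), the blocking half of the Slowloris mitigation is off by default and anyone exposing the indication listener port has to enable it explicitly. Suggest comments along the lines of `* Default time an indication sender has to deliver the HTTP header (presumably milliseconds - confirm)` and `* Default number of header timeouts tolerated per IP before it is blocked; state what 0 means`, adjusted to the actual semantics.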
@@ -165,4 +166,9 @@
 * Operating system name as found on z/OS
 */
 public static final String Z_OS = "z/OS";
+
+ /**
+ * Exception message for indication sender potential DoS
+ */
+ public static final String INDICATION_DOS_EXCEPTION_MESSAGE = "Indication sender taking too long, possible DoS underway?";
 }
Index: WBEMConfiguration.java
===================================================================
RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConfiguration.java,v
retrieving revision 1.30
retrieving revision 1.30.2.1
diff -u -d -r1.30 -r1.30.2.1
--- WBEMConfiguration.java 15 Mar 2010 22:48:23 -0000 1.30
+++ WBEMConfiguration.java 21 Aug 2013 10:14:35 -0000 1.30.2.1
@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2006, 2010
+ * (C) Copyright IBM Corp. 2006, 2013
 *
 * THIS FILE IS PROVIDED UNDER THE TERMS OF THE ECLIPSE PUBLIC LICENSE
 * ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THIS FILE
@@ -28,6 +28,7 @@
 * 2846231 2009-09-23 rgummada connection failure on CIMOM w/o user/pw
 * 2930341 2010-01-12 blaschke-oss Sync up WBEMClientConstants with JSR48 1.0.0
 * 2970881 2010-03-15 blaschke-oss Add property to control EmbeddedObject case
+ * 2635 2013-05-16 blaschke-oss Slowloris DoS attack for CIM indication listener port
 */
 package org.sblim.cimclient.internal.util;
@@ -816,6 +817,28 @@
 }
 /**
+ * Returns the http header timeout for indication connection handlers
+ *
+ * @return The timeout
+ */
+ public int getListenerHttpHeaderTimeout() {
+ return Integer.parseInt(getProperty(
+ WBEMConfigurationProperties.LISTENER_HTTP_HEADER_TIMEOUT,
+ WBEMConfigurationDefaults.LISTENER_HTTP_HEADER_TIMEOUT));
+ }
+
+ /**
+ * Returns the maximum allowed http timeouts before IP is blocked
+ *
+ * @return The maximum allowed timeouts
+ */
+ public int getListenerMaxAllowedTimeouts() {
+ return Integer.parseInt(getProperty(
+ WBEMConfigurationProperties.LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS,
+ WBEMConfigurationDefaults.LISTENER_HTTP_MAX_ALLOWED_TIMEOUTS));
+ }
+
+ /**
 * Returns the maximal pool size for indication connection handlers
 *
 * @return The maximal pool size
|
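Review bot: Both new getters in WBEMConfiguration.java, `getListenerHttpHeaderTimeout()` and `getListenerMaxAllowedTimeouts()`, hand the configured string straight to `Integer.parseInt` with no range check, so a typo throws an unchecked `NumberFormatException` and a zero or negative value is returned as-is. These two values gate the Slowloris mitigation, so a bad value should fail safe: if the header timeout is later applied as a socket read timeout (the consumer is not in this diff), 0 means "wait indefinitely" for `Socket.setSoTimeout` and the protection would be silently off. Consider falling back to the `WBEMConfigurationDefaults` value when the parsed number is negative or unparsable. The Javadoc should also state the unit and the meaning of 0, e.g. `@return The header timeout in milliseconds (0 = no timeout)` once that is confirmed against the listener code.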