activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jbono...@apache.org
Subject [activemq] 01/02: [AMQ-7327] Use maxFrameSize to limit HTTP content length
Date Tue, 12 Nov 2019 16:33:51 GMT
This is an automated email from the ASF dual-hosted git repository.

jbonofre pushed a commit to branch activemq-5.15.x
in repository https://gitbox.apache.org/repos/asf/activemq.git

commit 006efab559a63a33a1c53541b7940a5a0a7d4f12
Author: Jean-Baptiste Onofré <jbonofre@apache.org>
AuthorDate: Wed Nov 6 11:17:34 2019 +0100

    [AMQ-7327] Use maxFrameSize to limit HTTP content length
    
    (cherry picked from commit 50a94cbf12f6a4b9d623b07515b9fd86c53efb13)
---
 .../transport/http/HttpTransportFactory.java       |  2 +
 .../transport/http/HttpTransportServer.java        |  7 +++
 .../activemq/transport/http/HttpTunnelServlet.java |  6 ++
 .../transport/http/HttpMaxFrameSizeTest.java       | 64 ++++++++++++++++++++++
 4 files changed, 79 insertions(+)

diff --git a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportFactory.java
b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportFactory.java
index 02ecf77..4b53c31 100644
--- a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportFactory.java
+++ b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportFactory.java
@@ -48,9 +48,11 @@ public class HttpTransportFactory extends TransportFactory {
             Map<String, Object> jettyOptions = IntrospectionSupport.extractProperties(options,
"jetty.");
             Map<String, Object> httpOptions = IntrospectionSupport.extractProperties(options,
"http.");
             Map<String, Object> transportOptions = IntrospectionSupport.extractProperties(options,
"transport.");
+            Map<String, Object> wireFormatOptions = IntrospectionSupport.extractProperties(options,
"wireFormat.");
             result.setJettyOptions(jettyOptions);
             result.setTransportOption(transportOptions);
             result.setHttpOptions(httpOptions);
+            result.setWireFormatOptions(wireFormatOptions);
             return result;
         } catch (URISyntaxException e) {
             throw IOExceptionSupport.create(e);
diff --git a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportServer.java
b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportServer.java
index ca3bed8..3707429 100644
--- a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportServer.java
+++ b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTransportServer.java
@@ -18,6 +18,7 @@ package org.apache.activemq.transport.http;
 
 import java.net.InetSocketAddress;
 import java.net.URI;
+import java.util.HashMap;
 import java.util.Map;
 
 import org.apache.activemq.command.BrokerInfo;
@@ -38,6 +39,7 @@ public class HttpTransportServer extends WebTransportServerSupport {
 
     private TextWireFormat wireFormat;
     private final HttpTransportFactory transportFactory;
+    private Map<String, Object> wireFormatOptions = new HashMap<>();
 
     public HttpTransportServer(URI uri, HttpTransportFactory factory) {
         super(uri);
@@ -93,6 +95,7 @@ public class HttpTransportServer extends WebTransportServerSupport {
         contextHandler.setAttribute("wireFormat", getWireFormat());
         contextHandler.setAttribute("transportFactory", transportFactory);
         contextHandler.setAttribute("transportOptions", transportOptions);
+        contextHandler.setAttribute("wireFormatOptions", wireFormatOptions);
 
         //AMQ-6182 - disabling trace by default
         configureTraceMethod((ConstraintSecurityHandler) contextHandler.getSecurityHandler(),
@@ -171,6 +174,10 @@ public class HttpTransportServer extends WebTransportServerSupport {
         super.setTransportOption(transportOptions);
     }
 
+    public void setWireFormatOptions(Map<String, Object> wireFormatOptions) {
+        this.wireFormatOptions = wireFormatOptions;
+    }
+
     @Override
     public boolean isSslServer() {
         return false;
diff --git a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java
b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java
index 193003f..5c474bd 100644
--- a/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java
+++ b/activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java
@@ -60,6 +60,7 @@ public class HttpTunnelServlet extends HttpServlet {
     private ConcurrentMap<String, BlockingQueueTransport> clients = new ConcurrentHashMap<String,
BlockingQueueTransport>();
     private final long requestTimeout = 30000L;
     private HashMap<String, Object> transportOptions;
+    private HashMap<String, Object> wireFormatOptions;
 
     @SuppressWarnings("unchecked")
     @Override
@@ -74,6 +75,7 @@ public class HttpTunnelServlet extends HttpServlet {
             throw new ServletException("No such attribute 'transportFactory' available in
the ServletContext");
         }
         transportOptions = (HashMap<String, Object>)getServletContext().getAttribute("transportOptions");
+        wireFormatOptions = (HashMap<String, Object>)getServletContext().getAttribute("wireFormatOptions");
         wireFormat = (TextWireFormat)getServletContext().getAttribute("wireFormat");
         if (wireFormat == null) {
             wireFormat = createWireFormat();
@@ -118,6 +120,10 @@ public class HttpTunnelServlet extends HttpServlet {
     @Override
     protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
 
+        if (wireFormatOptions.get("maxFrameSize") != null && request.getContentLength()
> Integer.parseInt(wireFormatOptions.get("maxFrameSize").toString())) {
+            throw new ServletException("maxFrameSize exceeded");
+        }
+
         InputStream stream = request.getInputStream();
         String contentType = request.getContentType();
         if (contentType != null && contentType.equals("application/x-gzip")) {
diff --git a/activemq-http/src/test/java/org/apache/activemq/transport/http/HttpMaxFrameSizeTest.java
b/activemq-http/src/test/java/org/apache/activemq/transport/http/HttpMaxFrameSizeTest.java
new file mode 100644
index 0000000..2befaf6
--- /dev/null
+++ b/activemq-http/src/test/java/org/apache/activemq/transport/http/HttpMaxFrameSizeTest.java
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.transport.http;
+
+import org.apache.activemq.ActiveMQConnectionFactory;
+import org.apache.activemq.broker.BrokerService;
+import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.commons.lang.StringUtils;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import javax.jms.Connection;
+import javax.jms.JMSException;
+import javax.jms.MessageProducer;
+import javax.jms.Session;
+import javax.jms.TextMessage;
+
+public class HttpMaxFrameSizeTest {
+
+    protected BrokerService brokerService;
+
+    @Before
+    public void setup() throws Exception {
+        brokerService = new BrokerService();
+        brokerService.setPersistent(false);
+        brokerService.setUseJmx(false);
+        brokerService.deleteAllMessages();
+        brokerService.addConnector("http://localhost:8888?wireFormat.maxFrameSize=10");
+        brokerService.start();
+        brokerService.waitUntilStarted();
+    }
+
+    @After
+    public void teardown() throws Exception {
+        brokerService.stop();
+    }
+
+    @Test(expected = JMSException.class)
+    public void sendTest() throws Exception {
+        ActiveMQConnectionFactory connectionFactory = new ActiveMQConnectionFactory("http://localhost:8888");
+        Connection connection = connectionFactory.createConnection();
+        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        MessageProducer producer = session.createProducer(new ActiveMQQueue("test"));
+        String payload = StringUtils.repeat("*", 2000);
+        TextMessage textMessage = session.createTextMessage(payload);
+        producer.send(textMessage);
+    }
+
+}


Mime
View raw message