directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r722452 - in /directory/apacheds/branches/apacheds-mina2: core/src/main/java/org/apache/directory/server/core/ core/src/test/java/org/apache/directory/server/core/authz/support/ core/src/test/java/org/apache/directory/server/core/intercepto...
Date Tue, 02 Dec 2008 13:23:21 GMT
Author: elecharny
Date: Tue Dec  2 05:23:20 2008
New Revision: 722452

URL: http://svn.apache.org/viewvc?rev=722452&view=rev
Log:
Added some support for OOM protection :
- a new parameter has been added to the DirectoryServer : maxPDUSize
- it has been propagated to the LDAP decoder
- a test has been added to check that the server correctly control the PDU size.
- the server.xml file has been changed to handle this parameter

Modified:
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
    directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
    directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
    directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolCodecFactory.java
    directory/apacheds/branches/apacheds-mina2/server-integ/src/test/java/org/apache/directory/server/operations/add/AddIT.java
    directory/apacheds/branches/apacheds-mina2/server-xml/src/main/resources/server.xml

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
Tue Dec  2 05:23:20 2008
@@ -248,6 +248,10 @@
     private List<? extends LdifEntry> testEntries = new ArrayList<LdifEntry>();
// List<Attributes>
     private EventService eventService;
 
+    
+    
+    /** The maximum size for an incoming PDU */
+    private int maxPDUSize = Integer.MAX_VALUE;
 
 
     public void setInstanceId( String instanceId )
@@ -1557,4 +1561,29 @@
     {
         this.passwordHidden = passwordHidden;
     }
+
+
+    /**
+     * @return The maximum allowed size for an incoming PDU
+     */
+    public int getMaxPDUSize()
+    {
+        return maxPDUSize;
+    }
+
+
+    /**
+     * Set the maximum allowed size for an incoming PDU 
+     * @param maxPDUSize A positive number of bytes for the PDU. A negative or
+     * null value will be transformed to {@link Integer#MAX_VALUE}
+     */
+    public void setMaxPDUSize( int maxPDUSize )
+    {
+        if ( maxPDUSize <= 0 )
+        {
+            maxPDUSize = Integer.MAX_VALUE;
+        }
+        
+        this.maxPDUSize = maxPDUSize;
+    }
 }

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
Tue Dec  2 05:23:20 2008
@@ -414,4 +414,18 @@
      * Gets the operation manager.
      */
     OperationManager getOperationManager();
+
+
+    /**
+     * @return The maximum allowed size for an incoming PDU
+     */
+    int getMaxPDUSize();
+
+
+    /**
+     * Set the maximum allowed size for an incoming PDU 
+     * @param maxPDUSize A positive number of bytes for the PDU. A negative or
+     * null value will be transformed to {@link Integer#MAX_VALUE}
+     */
+    void setMaxPDUSize( int maxPDUSize );
 }

Modified: directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
Tue Dec  2 05:23:20 2008
@@ -824,6 +824,18 @@
         public void setPassordHidden( boolean passwordHidden )
         {
         }
+
+
+        public int getMaxPDUSize()
+        {
+            return Integer.MAX_VALUE;
+        }
+
+
+        public void setMaxPDUSize( int maxPDUSize )
+        {
+            // Do nothing
+        }
     }
 
     

Modified: directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
Tue Dec  2 05:23:20 2008
@@ -633,5 +633,17 @@
         public void setPassordHidden( boolean passwordHidden )
         {
         }
+
+
+        public int getMaxPDUSize()
+        {
+            return Integer.MAX_VALUE;
+        }
+
+
+        public void setMaxPDUSize( int maxPDUSize )
+        {
+            // Do nothing
+        }
     }
 }

Modified: directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolCodecFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolCodecFactory.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolCodecFactory.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolCodecFactory.java
Tue Dec  2 05:23:20 2008
@@ -77,14 +77,6 @@
      */
     public ProtocolDecoder getDecoder( IoSession session )
     {
-        Object maxPDUSizeValue = session.getAttribute( MAX_PDU_SIZE );
-        int maxPDUSize = Integer.MAX_VALUE;
-        
-        if ( ( maxPDUSizeValue != null ) || ( maxPDUSizeValue instanceof Number ) )
-        {
-            maxPDUSize = ((Number)maxPDUSizeValue).intValue();
-        }
-        
         return new Asn1CodecDecoder( new MessageDecoder( new BinaryAttributeDetector()
         {
             public boolean isBinary( String id )
@@ -101,6 +93,6 @@
                 }
             }
         },
-        maxPDUSize ) );
+        directoryService.getMaxPDUSize() ) );
     }
 }
\ No newline at end of file

Modified: directory/apacheds/branches/apacheds-mina2/server-integ/src/test/java/org/apache/directory/server/operations/add/AddIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/server-integ/src/test/java/org/apache/directory/server/operations/add/AddIT.java?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/server-integ/src/test/java/org/apache/directory/server/operations/add/AddIT.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/server-integ/src/test/java/org/apache/directory/server/operations/add/AddIT.java
Tue Dec  2 05:23:20 2008
@@ -20,6 +20,7 @@
 package org.apache.directory.server.operations.add;
 
 
+import javax.naming.CommunicationException;
 import javax.naming.Context;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
@@ -942,4 +943,73 @@
         assertTrue( cn.contains( "Jackson" ) );
         assertTrue( cn.contains( "Michael" ) );
     }
+
+
+    /**
+     * Test that if we inject a PDU above the max allowed size,
+     * the connection is closed. 
+     * 
+     * @throws NamingException 
+     */
+    @Test
+    public void testAddPDUExceedingMaxSize() throws Exception
+    {
+        // Limit the PDU size to 1024
+        ldapService.getDirectoryService().setMaxPDUSize( 1024 );
+        DirContext ctx = ( DirContext ) getWiredContext( ldapService ).lookup( BASE );
+
+        // modify object classes, add two more
+        Attributes attributes = new BasicAttributes( true );
+        Attribute ocls = new BasicAttribute( "description" );
+        
+        // Inject a 1024 bytes long description
+        StringBuilder sb = new StringBuilder();
+        
+        for ( int i = 0; i < 128; i++ )
+        {
+            sb.append( "0123456789ABCDEF" );
+        }
+        
+        ocls.add( sb.toString() );
+        attributes.put( ocls );
+
+        DirContext person = ( DirContext ) ctx.lookup( RDN );
+        
+        try
+        {
+            person.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, attributes );
+            fail();
+        }
+        catch ( Exception e )
+        {
+            // We are expecting the session to be close here.
+        }
+        
+        // Test again with a bigger size
+        // Limit the PDU size to 1024
+        ldapService.getDirectoryService().setMaxPDUSize( 4096 );
+        
+        ctx = ( DirContext ) getWiredContext( ldapService ).lookup( BASE );
+        person = ( DirContext ) ctx.lookup( RDN );
+        
+        try
+        {
+            person.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, attributes );
+        }
+        catch ( Exception e )
+        {
+            // We should not go there
+            fail();
+        }
+
+        // Read again from directory
+        ctx = ( DirContext ) getWiredContext( ldapService ).lookup( BASE );
+        person = ( DirContext ) ctx.lookup( RDN );
+        
+        assertNotNull( person );
+        attributes = person.getAttributes( "" );
+        Attribute newOcls = attributes.get( "objectClass" );
+
+        assertNotNull( newOcls );
+    }
 }

Modified: directory/apacheds/branches/apacheds-mina2/server-xml/src/main/resources/server.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/server-xml/src/main/resources/server.xml?rev=722452&r1=722451&r2=722452&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/server-xml/src/main/resources/server.xml (original)
+++ directory/apacheds/branches/apacheds-mina2/server-xml/src/main/resources/server.xml Tue
Dec  2 05:23:20 2008
@@ -28,7 +28,8 @@
                            workingDirectory="example.com"
                            allowAnonymousAccess="true"
                            accessControlEnabled="false"
-                           denormalizeOpAttrsEnabled="false">
+                           denormalizeOpAttrsEnabled="false"
+                           maxPDUSize="2000000">
     <systemPartition>
       <!-- use the following partitionConfiguration to override defaults for -->
       <!-- the system partition                                              -->



Mime
View raw message