tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kkoli...@apache.org
Subject svn commit: r1350295 - in /tomcat/trunk: java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/coyote/spdy/ java/org/apache/tomcat/util/http/ java/org/apache/tomcat/util/n...
Date Thu, 14 Jun 2012 15:26:43 GMT
Author: kkolinko
Date: Thu Jun 14 15:26:43 2012
New Revision: 1350295

URL: http://svn.apache.org/viewvc?rev=1350295&view=rev
Log:
Implement maxHeaderCount attribute on Connector.
It is equivalent of LimitRequestFields directive of Apache HTTPD

Modified:
    tomcat/trunk/java/org/apache/catalina/connector/Connector.java
    tomcat/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml
    tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
    tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
    tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
    tomcat/trunk/java/org/apache/coyote/spdy/SpdyProcessor.java
    tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
    tomcat/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java
    tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
    tomcat/trunk/webapps/docs/config/ajp.xml
    tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/java/org/apache/catalina/connector/Connector.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Connector.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/Connector.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Connector.java Thu Jun 14 15:26:43 2012
@@ -394,6 +394,24 @@ public class Connector extends Lifecycle
 
 
     /**
+     * Return the maximum number of headers that are allowed by the container. A
+     * value of less than 0 means no limit.
+     */
+    public int getMaxHeaderCount() {
+        return ((Integer) getProperty("maxHeaderCount")).intValue();
+    }
+
+    /**
+     * Set the maximum number of headers in a request that are allowed by the
+     * container. A value of less than 0 means no limit.
+     *
+     * @param maxHeaderCount The new setting
+     */
+    public void setMaxHeaderCount(int maxHeaderCount) {
+        setProperty("maxHeaderCount", String.valueOf(maxHeaderCount));
+    }
+
+    /**
      * Return the maximum number of parameters (GET plus POST) that will be
      * automatically parsed by the container. A value of less than 0 means no
      * limit.

Modified: tomcat/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml Thu Jun 14 15:26:43
2012
@@ -77,6 +77,10 @@
           description="The port number on which this connector is listening to requests.
If the special value for port of zero is used then this method will report the actual port
bound."
                 type="int"/>
 
+    <attribute   name="maxHeaderCount"
+          description="The maximum number of headers that are allowed by the container. 100
by default. A value of less than 0 means no limit."
+                 type="int"/>
+
     <attribute   name="maxKeepAliveRequests"
           description="Maximum number of Keep-Alive requests to honor per connection"
                  type="int"/>

Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Thu Jun 14 15:26:43 2012
@@ -237,6 +237,12 @@ public abstract class AbstractProtocol i
         setConnectionTimeout(timeout);
     }
 
+    public int getMaxHeaderCount() {
+        return endpoint.getMaxHeaderCount();
+    }
+    public void setMaxHeaderCount(int maxHeaderCount) {
+        endpoint.setMaxHeaderCount(maxHeaderCount);
+    }
 
     // ---------------------------------------------------------- Public methods
 

Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Thu Jun 14 15:26:43
2012
@@ -647,6 +647,9 @@ public abstract class AbstractAjpProcess
         // Decode headers
         MimeHeaders headers = request.getMimeHeaders();
 
+        // Set this every time in case limit has been changed via JMX
+        headers.setLimit(endpoint.getMaxHeaderCount());
+
         int hCount = requestHeaderMessage.getInt();
         for(int i = 0 ; i < hCount ; i++) {
             String hName = null;

Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Thu Jun 14 15:26:43
2012
@@ -932,6 +932,8 @@ public abstract class AbstractHttp11Proc
                 } else {
                     request.setStartTime(System.currentTimeMillis());
                     keptAlive = true;
+                    // Set this every time in case limit has been changed via JMX
+                    request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount());
                     // Currently only NIO will ever return false here
                     if (!getInputBuffer().parseHeaders()) {
                         // We've read part of the request, don't recycle it

Modified: tomcat/trunk/java/org/apache/coyote/spdy/SpdyProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/spdy/SpdyProcessor.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/spdy/SpdyProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/spdy/SpdyProcessor.java Thu Jun 14 15:26:43 2012
@@ -519,6 +519,9 @@ public class SpdyProcessor extends Abstr
         // Request received.
         MimeHeaders mimeHeaders = request.getMimeHeaders();
 
+        // Set this every time in case limit has been changed via JMX
+        mimeHeaders.setLimit(endpoint.getMaxHeaderCount());
+
         for (int i = 0; i < frame.nvCount; i++) {
             int nameLen = frame.read16();
             if (nameLen > frame.remaining()) {

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties Thu Jun 14 15:26:43
2012
@@ -28,3 +28,5 @@ parameters.fallToDebug=\n Note: further 
 cookies.invalidCookieToken=Cookies: Invalid cookie. Value not a token or quoted value
 cookies.invalidSpecial=Cookies: Unknown Special Cookie
 cookies.fallToDebug=\n Note: further occurrences of Cookie errors will be logged at DEBUG
level.
+
+headers.maxCountFail=More than the maximum allowed number of headers ([{0}]) were detected.

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java Thu Jun 14 15:26:43 2012
@@ -21,6 +21,7 @@ import java.io.StringWriter;
 import java.util.Enumeration;
 
 import org.apache.tomcat.util.buf.MessageBytes;
+import org.apache.tomcat.util.res.StringManager;
 
 /* XXX XXX XXX Need a major rewrite  !!!!
  */
@@ -95,6 +96,9 @@ public class MimeHeaders {
      */
     public static final int DEFAULT_HEADER_SIZE=8;
 
+    private static final StringManager sm =
+            StringManager.getManager("org.apache.tomcat.util.http");
+
     /**
      * The header fields.
      */
@@ -107,6 +111,11 @@ public class MimeHeaders {
     private int count;
 
     /**
+     * The limit on the number of header fields.
+     */
+    private int limit = -1;
+
+    /**
      * Creates a new MimeHeaders object using a default buffer size.
      */
     public MimeHeaders() {
@@ -114,6 +123,19 @@ public class MimeHeaders {
     }
 
     /**
+     * Set limit on the number of header fields.
+     */
+    public void setLimit(int limit) {
+        this.limit = limit;
+        if (limit > 0 && headers.length > limit && count < limit)
{
+            // shrink header list array
+            MimeHeaderField tmp[] = new MimeHeaderField[limit];
+            System.arraycopy(headers, 0, tmp, 0, count);
+            headers = tmp;
+        }
+    }
+
+    /**
      * Clears all header fields.
      */
     // [seguin] added for consistency -- most other objects have recycle().
@@ -218,11 +240,19 @@ public class MimeHeaders {
      * field has not had its name or value initialized.
      */
     private MimeHeaderField createHeader() {
+        if (limit > -1 && count >= limit) {
+            throw new IllegalStateException(sm.getString(
+                    "headers.maxCountFail", Integer.valueOf(limit)));
+        }
         MimeHeaderField mh;
         int len = headers.length;
         if (count >= len) {
             // expand header list array
-            MimeHeaderField tmp[] = new MimeHeaderField[count * 2];
+            int newLength = count * 2;
+            if (limit > 0 && newLength > limit) {
+                newLength = limit;
+            }
+            MimeHeaderField tmp[] = new MimeHeaderField[newLength];
             System.arraycopy(headers, 0, tmp, 0, len);
             headers = tmp;
         }

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Thu Jun 14 15:26:43
2012
@@ -349,6 +349,18 @@ public abstract class AbstractEndpoint {
     }
 
     /**
+     * The maximum number of headers in a request that are allowed.
+     * 100 by default. A value of less than 0 means no limit.
+     */
+    private int maxHeaderCount = 100; // as in Apache HTTPD server
+    public int getMaxHeaderCount() {
+        return maxHeaderCount;
+    }
+    public void setMaxHeaderCount(int maxHeaderCount) {
+        this.maxHeaderCount = maxHeaderCount;
+    }
+
+    /**
      * Name of the thread pool, which will be used for naming child threads.
      */
     private String name = "TP";

Modified: tomcat/trunk/webapps/docs/config/ajp.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/ajp.xml?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/ajp.xml (original)
+++ tomcat/trunk/webapps/docs/config/ajp.xml Thu Jun 14 15:26:43 2012
@@ -95,6 +95,13 @@
       By default, DNS lookups are disabled.</p>
     </attribute>
 
+    <attribute name="maxHeaderCount" required="false">
+      <p>The maximum number of headers in a request that are allowed by the
+      container. A request that contains more headers than the specified limit
+      will be rejected. A value of less than 0 means no limit.
+      If not specified, a default of 100 is used.</p>
+    </attribute>
+
     <attribute name="maxParameterCount" required="false">
       <p>The maximum number of parameter and value pairs (GET plus POST) which
       will be automatically parsed by the container. Parameter and value pairs

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1350295&r1=1350294&r2=1350295&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Thu Jun 14 15:26:43 2012
@@ -93,6 +93,13 @@
       By default, DNS lookups are disabled.</p>
     </attribute>
 
+    <attribute name="maxHeaderCount" required="false">
+      <p>The maximum number of headers in a request that are allowed by the
+      container. A request that contains more headers than the specified limit
+      will be rejected. A value of less than 0 means no limit.
+      If not specified, a default of 100 is used.</p>
+    </attribute>
+
     <attribute name="maxParameterCount" required="false">
       <p>The maximum number of parameter and value pairs (GET plus POST) which
       will be automatically parsed by the container. Parameter and value pairs



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message