marcsaeg 01/03/20 14:21:28
Modified: src/share/org/apache/tomcat/service Tag: tomcat_32
PoolTcpEndpoint.java
Log:
Set the SO_TIMEOUT value on the accepted socket. This prevents a DOS
attacked by clients opening connections and never sending any data.
The default timeout was also increased from 1 second to 5 minutes (which
is the default value used by Apache httpd).
PR: 1006
Submitted by: [EMAIL PROTECTED] (Tal Dayan)
Revision Changes Path
No revision
No revision
1.8.2.4 +9 -6
jakarta-tomcat/src/share/org/apache/tomcat/service/Attic/PoolTcpEndpoint.java
Index: PoolTcpEndpoint.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/Attic/PoolTcpEndpoint.java,v
retrieving revision 1.8.2.3
retrieving revision 1.8.2.4
diff -u -r1.8.2.3 -r1.8.2.4
--- PoolTcpEndpoint.java 2000/11/17 23:19:55 1.8.2.3
+++ PoolTcpEndpoint.java 2001/03/20 22:21:25 1.8.2.4
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/Attic/PoolTcpEndpoint.java,v
1.8.2.3 2000/11/17 23:19:55 craigmcc Exp $
- * $Revision: 1.8.2.3 $
- * $Date: 2000/11/17 23:19:55 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/Attic/PoolTcpEndpoint.java,v
1.8.2.4 2001/03/20 22:21:25 marcsaeg Exp $
+ * $Revision: 1.8.2.4 $
+ * $Date: 2001/03/20 22:21:25 $
*
* ====================================================================
*
@@ -98,7 +98,7 @@
private static StringManager sm =
StringManager.getManager("org.apache.tomcat.service");
private static final int BACKLOG = 100;
- private static final int TIMEOUT = 1000;
+ private static final int TIMEOUT = 300000; // 5 minutes
private boolean isPool = true;
@@ -290,8 +290,11 @@
accepted = null;
}
}
- if( factory != null && accepted != null)
- factory.initSocket( accepted );
+
+ if(accepted != null)
+ accepted.setSoTimeout(timeout);
+ if( factory != null && accepted != null)
+ factory.initSocket( accepted );
}
}
