craigmcc 01/08/21 13:22:28
Modified: catalina/src/share/org/apache/catalina/core
StandardServer.java
Log:
Randomize the pad addition (forgot to save from my editor before
committing last time).
Revision Changes Path
1.10 +13 -15
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java
Index: StandardServer.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- StandardServer.java 2001/08/21 19:35:36 1.9
+++ StandardServer.java 2001/08/21 20:22:28 1.10
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java,v
1.9 2001/08/21 19:35:36 craigmcc Exp $
- * $Revision: 1.9 $
- * $Date: 2001/08/21 19:35:36 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java,v
1.10 2001/08/21 20:22:28 craigmcc Exp $
+ * $Revision: 1.10 $
+ * $Date: 2001/08/21 20:22:28 $
*
* ====================================================================
*
@@ -71,6 +71,7 @@
import java.net.ServerSocket;
import java.net.Socket;
import java.security.AccessControlException;
+import java.util.Random;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleException;
@@ -87,7 +88,7 @@
* (but not required) when deploying and starting Catalina.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.9 $ $Date: 2001/08/21 19:35:36 $
+ * @version $Revision: 1.10 $ $Date: 2001/08/21 20:22:28 $
*/
public final class StandardServer
@@ -117,6 +118,13 @@
/**
+ * A random number generator that is <strong>only</strong> used if
+ * the shutdown command string is longer than 1024 characters.
+ */
+ private Random random = null;
+
+
+ /**
* The set of Services associated with this Server.
*/
private Service services[] = new Service[0];
@@ -278,24 +286,14 @@
System.exit(1);
}
- boolean localAddress = isSameAddress(socket.getLocalAddress(),
- socket.getInetAddress());
- if (!localAddress) {
- System.err.println("Invalid shutdown connection from " +
- socket.getInetAddress() + " ignored");
- try {
- socket.close();
- } catch (IOException e) {
- ;
- }
- continue;
- }
-
// Read a set of characters from the socket
StringBuffer command = new StringBuffer();
int expected = 1024; // Cut off to avoid DoS attack
- while (expected < shutdown.length())
- expected += 1024;
+ while (expected < shutdown.length()) {
+ if (random == null)
+ random = new Random(System.currentTimeMillis());
+ expected += (random.nextInt() % 1024);
+ }
while (expected > 0) {
int ch = -1;
try {
