cvs commit: jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11 Http11Processor.java

Tue, 19 Mar 2002 21:15:15 -0800 

billbarker    02/03/19 21:33:27

  Modified:    http11/src/java/org/apache/coyote/http11
                        Http11Processor.java
  Log:
  Add support for MaxKeepAliveRequests like in Apache httpd.
  
  This is primarily a protection against DoS attacks.  With this enabled, we 
eventually gracefully drop a Keep-Alive connection for greedy clients.  By default, 
this is currently disabled (so no change in the behavior).  It needs to be set by the 
Adaptor to have any effect.
  
  Revision  Changes    Path
  1.11      +26 -0     
jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
  
  Index: Http11Processor.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- Http11Processor.java      15 Mar 2002 19:02:58 -0000      1.10
  +++ Http11Processor.java      20 Mar 2002 05:33:27 -0000      1.11
  @@ -200,6 +200,11 @@
           = org.apache.commons.logging.LogFactory.getLog(Http11Processor.class);
   
   
  +    /**
  +     * Maximum number of Keep-Alive requests to honor.
  +     */
  +    protected int maxKeepAliveRequests=-1;
  +
       // --------------------------------------------------------- Public Methods
   
   
  @@ -262,6 +267,22 @@
   
   
       /**
  +     * Set the maximum number of Keep-Alive requests to honor.
  +     * This is to safeguard from DoS attacks.  Setting to a negative
  +     * value disables the check.
  +     */
  +    public void setMaxKeepAliveRequests(int mkar) {
  +        maxKeepAliveRequests = mkar;
  +    }
  +
  +    /**
  +     * Return the number of Keep-Alive requests that we will honor.
  +     */
  +    public int getMaxKeepAliveRequests() {
  +        return maxKeepAliveRequests;
  +    }
  +
  +    /**
        * Process pipelined HTTP requests using the specified input and output
        * streams.
        * 
  @@ -281,6 +302,8 @@
           error = false;
           keepAlive = true;
   
  +        int keepAliveLeft=maxKeepAliveRequests;
  +
           while (started && !error && keepAlive) {
   
               try {
  @@ -298,6 +321,9 @@
   
               // Setting up filters, and parse some request headers
               prepareRequest();
  +
  +            if(maxKeepAliveRequests > 0 && --keepAliveLeft == 0)
  +                keepAlive=false;
   
               // Process the request in the adapter
               if (!error) {
  
  
  

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to