diff options
author | Havoc Pennington <hp@redhat.com> | 2003-04-24 22:30:38 +0000 |
---|---|---|
committer | Havoc Pennington <hp@redhat.com> | 2003-04-24 22:30:38 +0000 |
commit | 3185d7edde8ffc7672aa7d771966b0f1e0158aea (patch) | |
tree | 03f33d4ca7737d26badd04f2fd6ee95db0ffdba7 /bus/bus.c | |
parent | 1820f3bd0a5a4b0ab14dbcc80ba1b68d2c48e01d (diff) |
2003-04-24 Havoc Pennington <hp@redhat.com>
* test/data/valid-config-files/basic.conf: add <limit> tags to
this test
* bus/config-parser.h, bus/config-parser.c, bus/bus.c: Implement
<limit> tag in configuration file.
Diffstat (limited to 'bus/bus.c')
-rw-r--r-- | bus/bus.c | 55 |
1 files changed, 12 insertions, 43 deletions
@@ -45,14 +45,7 @@ struct BusContext BusRegistry *registry; BusPolicy *policy; DBusUserDatabase *user_database; - long max_incoming_bytes; /**< How many incoming messages for a connection */ - long max_outgoing_bytes; /**< How many outgoing bytes can be queued for a connection */ - long max_message_size; /**< Max size of a single message in bytes */ - int activation_timeout; /**< How long to wait for an activation to time out */ - int auth_timeout; /**< How long to wait for an authentication to time out */ - int max_completed_connections; /**< Max number of authorized connections */ - int max_incomplete_connections; /**< Max number of incomplete connections */ - int max_connections_per_user; /**< Max number of connections auth'd as same user */ + BusLimits limits; }; static int server_data_slot = -1; @@ -215,10 +208,10 @@ new_connection_callback (DBusServer *server, } dbus_connection_set_max_received_size (new_connection, - context->max_incoming_bytes); + context->limits.max_incoming_bytes); dbus_connection_set_max_message_size (new_connection, - context->max_message_size); + context->limits.max_message_size); /* on OOM, we won't have ref'd the connection so it will die. */ } @@ -357,38 +350,14 @@ bus_context_new (const DBusString *config_file, context->refcount = 1; + /* get our limits and timeout lengths */ + bus_config_parser_get_limits (parser, &context->limits); + /* we need another ref of the server data slot for the context * to own */ if (!server_data_slot_ref ()) _dbus_assert_not_reached ("second ref of server data slot failed"); - - /* Make up some numbers! woot! */ - context->max_incoming_bytes = _DBUS_ONE_MEGABYTE * 63; - context->max_outgoing_bytes = _DBUS_ONE_MEGABYTE * 63; - context->max_message_size = _DBUS_ONE_MEGABYTE * 32; - -#ifdef DBUS_BUILD_TESTS - context->activation_timeout = 6000; /* 6 seconds */ -#else - context->activation_timeout = 15000; /* 15 seconds */ -#endif - - /* Making this long risks making a DOS attack easier, but too short - * and legitimate auth will fail. If interactive auth (ask user for - * password) is allowed, then potentially it has to be quite long. - * Ultimately it needs to come from the configuration file. - */ - context->auth_timeout = 3000; /* 3 seconds */ - - context->max_incomplete_connections = 32; - context->max_connections_per_user = 128; - - /* Note that max_completed_connections / max_connections_per_user - * is the number of users that would have to work together to - * DOS all the other users. - */ - context->max_completed_connections = 1024; context->user_database = _dbus_user_database_new (); if (context->user_database == NULL) @@ -829,31 +798,31 @@ int bus_context_get_activation_timeout (BusContext *context) { - return context->activation_timeout; + return context->limits.activation_timeout; } int bus_context_get_auth_timeout (BusContext *context) { - return context->auth_timeout; + return context->limits.auth_timeout; } int bus_context_get_max_completed_connections (BusContext *context) { - return context->max_completed_connections; + return context->limits.max_completed_connections; } int bus_context_get_max_incomplete_connections (BusContext *context) { - return context->max_incomplete_connections; + return context->limits.max_incomplete_connections; } int bus_context_get_max_connections_per_user (BusContext *context) { - return context->max_connections_per_user; + return context->limits.max_connections_per_user; } dbus_bool_t @@ -919,7 +888,7 @@ bus_context_check_security_policy (BusContext *context, /* See if limits on size have been exceeded */ if (recipient && dbus_connection_get_outgoing_size (recipient) > - context->max_outgoing_bytes) + context->limits.max_outgoing_bytes) { const char *dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED, |