summaryrefslogtreecommitdiffstats
path: root/bus/bus.c
diff options
context:
space:
mode:
authorHavoc Pennington <hp@redhat.com>2003-04-24 22:30:38 +0000
committerHavoc Pennington <hp@redhat.com>2003-04-24 22:30:38 +0000
commit3185d7edde8ffc7672aa7d771966b0f1e0158aea (patch)
tree03f33d4ca7737d26badd04f2fd6ee95db0ffdba7 /bus/bus.c
parent1820f3bd0a5a4b0ab14dbcc80ba1b68d2c48e01d (diff)
2003-04-24 Havoc Pennington <hp@redhat.com>
* test/data/valid-config-files/basic.conf: add <limit> tags to this test * bus/config-parser.h, bus/config-parser.c, bus/bus.c: Implement <limit> tag in configuration file.
Diffstat (limited to 'bus/bus.c')
-rw-r--r--bus/bus.c55
1 files changed, 12 insertions, 43 deletions
diff --git a/bus/bus.c b/bus/bus.c
index 53ad8e65..7bb4bf99 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -45,14 +45,7 @@ struct BusContext
BusRegistry *registry;
BusPolicy *policy;
DBusUserDatabase *user_database;
- long max_incoming_bytes; /**< How many incoming messages for a connection */
- long max_outgoing_bytes; /**< How many outgoing bytes can be queued for a connection */
- long max_message_size; /**< Max size of a single message in bytes */
- int activation_timeout; /**< How long to wait for an activation to time out */
- int auth_timeout; /**< How long to wait for an authentication to time out */
- int max_completed_connections; /**< Max number of authorized connections */
- int max_incomplete_connections; /**< Max number of incomplete connections */
- int max_connections_per_user; /**< Max number of connections auth'd as same user */
+ BusLimits limits;
};
static int server_data_slot = -1;
@@ -215,10 +208,10 @@ new_connection_callback (DBusServer *server,
}
dbus_connection_set_max_received_size (new_connection,
- context->max_incoming_bytes);
+ context->limits.max_incoming_bytes);
dbus_connection_set_max_message_size (new_connection,
- context->max_message_size);
+ context->limits.max_message_size);
/* on OOM, we won't have ref'd the connection so it will die. */
}
@@ -357,38 +350,14 @@ bus_context_new (const DBusString *config_file,
context->refcount = 1;
+ /* get our limits and timeout lengths */
+ bus_config_parser_get_limits (parser, &context->limits);
+
/* we need another ref of the server data slot for the context
* to own
*/
if (!server_data_slot_ref ())
_dbus_assert_not_reached ("second ref of server data slot failed");
-
- /* Make up some numbers! woot! */
- context->max_incoming_bytes = _DBUS_ONE_MEGABYTE * 63;
- context->max_outgoing_bytes = _DBUS_ONE_MEGABYTE * 63;
- context->max_message_size = _DBUS_ONE_MEGABYTE * 32;
-
-#ifdef DBUS_BUILD_TESTS
- context->activation_timeout = 6000; /* 6 seconds */
-#else
- context->activation_timeout = 15000; /* 15 seconds */
-#endif
-
- /* Making this long risks making a DOS attack easier, but too short
- * and legitimate auth will fail. If interactive auth (ask user for
- * password) is allowed, then potentially it has to be quite long.
- * Ultimately it needs to come from the configuration file.
- */
- context->auth_timeout = 3000; /* 3 seconds */
-
- context->max_incomplete_connections = 32;
- context->max_connections_per_user = 128;
-
- /* Note that max_completed_connections / max_connections_per_user
- * is the number of users that would have to work together to
- * DOS all the other users.
- */
- context->max_completed_connections = 1024;
context->user_database = _dbus_user_database_new ();
if (context->user_database == NULL)
@@ -829,31 +798,31 @@ int
bus_context_get_activation_timeout (BusContext *context)
{
- return context->activation_timeout;
+ return context->limits.activation_timeout;
}
int
bus_context_get_auth_timeout (BusContext *context)
{
- return context->auth_timeout;
+ return context->limits.auth_timeout;
}
int
bus_context_get_max_completed_connections (BusContext *context)
{
- return context->max_completed_connections;
+ return context->limits.max_completed_connections;
}
int
bus_context_get_max_incomplete_connections (BusContext *context)
{
- return context->max_incomplete_connections;
+ return context->limits.max_incomplete_connections;
}
int
bus_context_get_max_connections_per_user (BusContext *context)
{
- return context->max_connections_per_user;
+ return context->limits.max_connections_per_user;
}
dbus_bool_t
@@ -919,7 +888,7 @@ bus_context_check_security_policy (BusContext *context,
/* See if limits on size have been exceeded */
if (recipient &&
dbus_connection_get_outgoing_size (recipient) >
- context->max_outgoing_bytes)
+ context->limits.max_outgoing_bytes)
{
const char *dest = dbus_message_get_destination (message);
dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,