tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Limit anonymous connections to 25

This commit is contained in:
Jean Flach 2018-03-05 13:22:43 +01:00 committed by Gunnar Beutner
parent fdf2dc43d5
commit fda4faac06
3 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/base/netstring.cpp
View File

@ -87,7 +87,7 @@ StreamReadStatus NetString::ReadStringFromStream(const Stream::Ptr& stream, Stri
if (maxMessageLength >= 0 && data_length > maxMessageLength) { if (maxMessageLength >= 0 && data_length > maxMessageLength) {
std::stringstream errorMessage; std::stringstream errorMessage;
errorMessage << "Max data length exceeded: " << (maxMessageLength / 1024 / 1024) << " MB"; errorMessage << "Max data length exceeded: " << (maxMessageLength / 1024) << " KB";
BOOST_THROW_EXCEPTION(std::invalid_argument(errorMessage.str())); BOOST_THROW_EXCEPTION(std::invalid_argument(errorMessage.str()));
} }

14
lib/remote/apilistener.cpp
View File

@ -546,8 +546,12 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
endpoint->AddClient(aclient); endpoint->AddClient(aclient);
m_SyncQueue.Enqueue(boost::bind(&ApiListener::SyncClient, this, aclient, endpoint, needSync)); m_SyncQueue.Enqueue(boost::bind(&ApiListener::SyncClient, this, aclient, endpoint, needSync));
} else } else {
AddAnonymousClient(aclient); if (!AddAnonymousClient(aclient)) {
Log(LogNotice, "ApiListener", "Ignoring anonymous JSON-RPC connection. Max connections exceeded.");
aclient->Disconnect();
}
}
} else { } else {
Log(LogNotice, "ApiListener", "New HTTP client"); Log(LogNotice, "ApiListener", "New HTTP client");
@ -1358,10 +1362,14 @@ double ApiListener::CalculateZoneLag(const Endpoint::Ptr& endpoint)
return 0; return 0;
} }
void ApiListener::AddAnonymousClient(const JsonRpcConnection::Ptr& aclient) bool ApiListener::AddAnonymousClient(const JsonRpcConnection::Ptr& aclient)
{ {
boost::mutex::scoped_lock lock(m_AnonymousClientsLock); boost::mutex::scoped_lock lock(m_AnonymousClientsLock);
if (m_AnonymousClients.size() > 25)
return false;
m_AnonymousClients.insert(aclient); m_AnonymousClients.insert(aclient);
return true;
} }
void ApiListener::RemoveAnonymousClient(const JsonRpcConnection::Ptr& aclient) void ApiListener::RemoveAnonymousClient(const JsonRpcConnection::Ptr& aclient)

2
lib/remote/apilistener.hpp
View File

@ -79,7 +79,7 @@ public:
static void StatsFunc(const Dictionary::Ptr& status, const Array::Ptr& perfdata); static void StatsFunc(const Dictionary::Ptr& status, const Array::Ptr& perfdata);
std::pair<Dictionary::Ptr, Dictionary::Ptr> GetStatus(void); std::pair<Dictionary::Ptr, Dictionary::Ptr> GetStatus(void);
void AddAnonymousClient(const JsonRpcConnection::Ptr& aclient); bool AddAnonymousClient(const JsonRpcConnection::Ptr& aclient);
void RemoveAnonymousClient(const JsonRpcConnection::Ptr& aclient); void RemoveAnonymousClient(const JsonRpcConnection::Ptr& aclient);
std::set<JsonRpcConnection::Ptr> GetAnonymousClients(void) const; std::set<JsonRpcConnection::Ptr> GetAnonymousClients(void) const;