Author: kkolinko Date: Mon Jul 2 14:15:47 2012 New Revision: 1356239 URL: http://svn.apache.org/viewvc?rev=1356239&view=rev Log: * Implement maxHeaderCount attribute on Connector. It is equivalent of LimitRequestFields directive of Apache HTTPD (backport of r1350295) * In JkMain.setProperty(): Fix setting of properties when connector has already started for properties that have aliases. E.g. changing maxHeaderCount attribute on Connector MBean via JMX.
Added: tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java (with props) tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (with props) Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/Connector.java tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java tomcat/tc6.0.x/trunk/java/org/apache/jk/common/HandlerRequest.java tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkCoyoteHandler.java tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkMain.java tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Jul 2 14:15:47 2012 @@ -144,20 +144,6 @@ PATCHES PROPOSED TO BACKPORT: +1: markt, kfujino, kkolinko -1: -* Implement maxHeaderCount attribute on Connector. - It is equivalent of LimitRequestFields directive of Apache HTTPD - (backport of r1350295) - In JkMain.setProperty(): Fix setting of properties when connector has - already started for properties that have aliases. E.g. changing - maxHeaderCount attribute on Connector MBean via JMX. - Patch: - http://people.apache.org/~kkolinko/patches/2012-06-18_tc6_maxHeaderCount_v2.patch - Eol-Style: - svn propset svn:eol-style native java/org/apache/coyote/AbstractProtocol.java - svn propset svn:eol-style native java/org/apache/tomcat/util/net/AbstractEndpoint.java - +1: kkolinko, markt, kfujino - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50306 New StuckThreadDetectionValve to detect requests that take a long time to process, which might indicate that their processing Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/Connector.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/Connector.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/Connector.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/Connector.java Mon Jul 2 14:15:47 2012 @@ -518,6 +518,35 @@ public class Connector /** + * Return the maximum number of headers that are allowed by the container. A + * value of less than 0 means no limit. + */ + public int getMaxHeaderCount() { + Object value = getProperty("maxHeaderCount"); + if (value instanceof Integer) { + return ((Integer) value).intValue(); + } else if (value == null) { + // JkCoyoteHandler does not return the actual value, but the + // one passed to the previous call of setProperty(), which + // is null by default. + // The actual value can be seen in JkHandler MBean "request". + // The default value for maxHeaderCount is known to be 100. + return 100; + } + return Integer.parseInt((String) value); + } + + /** + * Set the maximum number of headers in a request that are allowed by the + * container. A value of less than 0 means no limit. + * + * @param maxHeaderCount The new setting + */ + public void setMaxHeaderCount(int maxHeaderCount) { + setProperty("maxHeaderCount", String.valueOf(maxHeaderCount)); + } + + /** * Return the maximum number of parameters (GET plus POST) that will be * automatically parsed by the container. A value of less than 0 means no * limit. Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/mbeans-descriptors.xml Mon Jul 2 14:15:47 2012 @@ -110,6 +110,10 @@ description="Alias name of this connector's keypair and supporting certificate chain" type="java.lang.String"/> + <attribute name="maxHeaderCount" + description="The maximum number of headers that are allowed by the container. 100 by default. A value of less than 0 means no limit." + type="int"/> + <attribute name="maxHttpHeaderSize" description="Maximum size in bytes of the HTTP header" type="int"/> Added: tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1356239&view=auto ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java (added) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java Mon Jul 2 14:15:47 2012 @@ -0,0 +1,31 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.coyote; + +import org.apache.tomcat.util.net.AbstractEndpoint; + +public abstract class AbstractProtocol implements ProtocolHandler { + + protected abstract AbstractEndpoint getEndpoint(); + + public int getMaxHeaderCount() { + return getEndpoint().getMaxHeaderCount(); + } + public void setMaxHeaderCount(int maxHeaderCount) { + getEndpoint().setMaxHeaderCount(maxHeaderCount); + } +} Propchange: tomcat/tc6.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java Mon Jul 2 14:15:47 2012 @@ -692,6 +692,9 @@ public class AjpAprProcessor implements // Decode headers MimeHeaders headers = request.getMimeHeaders(); + // Set this every time in case limit has been changed via JMX + headers.setLimit(endpoint.getMaxHeaderCount()); + int hCount = requestHeaderMessage.getInt(); for(int i = 0 ; i < hCount ; i++) { String hName = null; Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java Mon Jul 2 14:15:47 2012 @@ -30,13 +30,14 @@ import javax.management.MBeanRegistratio import javax.management.MBeanServer; import javax.management.ObjectName; +import org.apache.coyote.AbstractProtocol; import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; -import org.apache.coyote.ProtocolHandler; import org.apache.coyote.RequestGroupInfo; import org.apache.coyote.RequestInfo; import org.apache.tomcat.util.modeler.Registry; +import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.AprEndpoint; import org.apache.tomcat.util.net.SocketStatus; import org.apache.tomcat.util.net.AprEndpoint.Handler; @@ -51,8 +52,8 @@ import org.apache.tomcat.util.res.String * @author Remy Maucherat * @author Costin Manolache */ -public class AjpAprProtocol - implements ProtocolHandler, MBeanRegistration { +public class AjpAprProtocol extends AbstractProtocol + implements MBeanRegistration { protected static org.apache.juli.logging.Log log = @@ -91,6 +92,9 @@ public class AjpAprProtocol */ protected AprEndpoint endpoint = new AprEndpoint(); + protected final AbstractEndpoint getEndpoint() { + return endpoint; + } /** * Configuration attributes. Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Mon Jul 2 14:15:47 2012 @@ -697,6 +697,9 @@ public class AjpProcessor implements Act // Decode headers MimeHeaders headers = request.getMimeHeaders(); + // Set this every time in case limit has been changed via JMX + headers.setLimit(endpoint.getMaxHeaderCount()); + int hCount = requestHeaderMessage.getInt(); for(int i = 0 ; i < hCount ; i++) { String hName = null; Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java Mon Jul 2 14:15:47 2012 @@ -31,13 +31,14 @@ import javax.management.MBeanRegistratio import javax.management.MBeanServer; import javax.management.ObjectName; +import org.apache.coyote.AbstractProtocol; import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; -import org.apache.coyote.ProtocolHandler; import org.apache.coyote.RequestGroupInfo; import org.apache.coyote.RequestInfo; import org.apache.tomcat.util.modeler.Registry; +import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.JIoEndpoint; import org.apache.tomcat.util.net.JIoEndpoint.Handler; import org.apache.tomcat.util.res.StringManager; @@ -51,8 +52,8 @@ import org.apache.tomcat.util.res.String * @author Remy Maucherat * @author Costin Manolache */ -public class AjpProtocol - implements ProtocolHandler, MBeanRegistration { +public class AjpProtocol extends AbstractProtocol + implements MBeanRegistration { protected static org.apache.juli.logging.Log log = @@ -91,6 +92,9 @@ public class AjpProtocol */ protected JIoEndpoint endpoint = new JIoEndpoint(); + protected final AbstractEndpoint getEndpoint() { + return endpoint; + } /** * Configuration attributes. Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java Mon Jul 2 14:15:47 2012 @@ -837,6 +837,8 @@ public class Http11AprProcessor implemen if (!disableUploadTimeout) { Socket.timeoutSet(socket, timeout * 1000); } + // Set this every time in case limit has been changed via JMX + request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount()); inputBuffer.parseHeaders(); } catch (IOException e) { error = true; Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java Mon Jul 2 14:15:47 2012 @@ -31,13 +31,14 @@ import javax.management.MBeanRegistratio import javax.management.MBeanServer; import javax.management.ObjectName; +import org.apache.coyote.AbstractProtocol; import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; -import org.apache.coyote.ProtocolHandler; import org.apache.coyote.RequestGroupInfo; import org.apache.coyote.RequestInfo; import org.apache.tomcat.util.modeler.Registry; +import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.AprEndpoint; import org.apache.tomcat.util.net.SocketStatus; import org.apache.tomcat.util.net.AprEndpoint.Handler; @@ -52,7 +53,8 @@ import org.apache.tomcat.util.res.String * @author Remy Maucherat * @author Costin Manolache */ -public class Http11AprProtocol implements ProtocolHandler, MBeanRegistration { +public class Http11AprProtocol extends AbstractProtocol + implements MBeanRegistration { protected static org.apache.juli.logging.Log log = org.apache.juli.logging.LogFactory.getLog(Http11AprProtocol.class); @@ -188,6 +190,10 @@ public class Http11AprProtocol implement protected AprEndpoint endpoint=new AprEndpoint(); + protected final AbstractEndpoint getEndpoint() { + return endpoint; + } + protected HashMap<String, Object> attributes = new HashMap<String, Object>(); private Http11ConnectionHandler cHandler = new Http11ConnectionHandler(this); Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java Mon Jul 2 14:15:47 2012 @@ -836,6 +836,8 @@ public class Http11NioProcessor implemen break; } keptAlive = true; + // Set this every time in case limit has been changed via JMX + request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount()); if ( !inputBuffer.parseHeaders() ) { //we've read part of the request, don't recycle it //instead associate it with the socket Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java Mon Jul 2 14:15:47 2012 @@ -29,13 +29,14 @@ import javax.management.MBeanRegistratio import javax.management.MBeanServer; import javax.management.ObjectName; +import org.apache.coyote.AbstractProtocol; import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; -import org.apache.coyote.ProtocolHandler; import org.apache.coyote.RequestGroupInfo; import org.apache.coyote.RequestInfo; import org.apache.tomcat.util.modeler.Registry; +import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.NioChannel; import org.apache.tomcat.util.net.NioEndpoint; import org.apache.tomcat.util.net.NioEndpoint.Handler; @@ -54,7 +55,7 @@ import org.apache.tomcat.util.res.String * @author Costin Manolache * @author Filip Hanik */ -public class Http11NioProtocol implements ProtocolHandler, MBeanRegistration +public class Http11NioProtocol extends AbstractProtocol implements MBeanRegistration { protected JSSEImplementation sslImplementation = null; @@ -207,6 +208,11 @@ public class Http11NioProtocol implement // -------------------- Properties-------------------- protected NioEndpoint ep=new NioEndpoint(); + + protected final AbstractEndpoint getEndpoint() { + return ep; + } + protected boolean secure = false; protected Hashtable attributes = new Hashtable(); Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java Mon Jul 2 14:15:47 2012 @@ -819,6 +819,8 @@ public class Http11Processor implements } else { socket.setSoTimeout(timeout); } + // Set this every time in case limit has been changed via JMX + request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount()); inputBuffer.parseHeaders(); } catch (IOException e) { error = true; Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java Mon Jul 2 14:15:47 2012 @@ -31,13 +31,14 @@ import javax.management.MBeanRegistratio import javax.management.MBeanServer; import javax.management.ObjectName; +import org.apache.coyote.AbstractProtocol; import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; -import org.apache.coyote.ProtocolHandler; import org.apache.coyote.RequestGroupInfo; import org.apache.coyote.RequestInfo; import org.apache.tomcat.util.modeler.Registry; +import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.JIoEndpoint; import org.apache.tomcat.util.net.SSLImplementation; import org.apache.tomcat.util.net.ServerSocketFactory; @@ -53,8 +54,8 @@ import org.apache.tomcat.util.res.String * @author Remy Maucherat * @author Costin Manolache */ -public class Http11Protocol - implements ProtocolHandler, MBeanRegistration { +public class Http11Protocol extends AbstractProtocol + implements MBeanRegistration { protected static org.apache.juli.logging.Log log @@ -84,6 +85,9 @@ public class Http11Protocol protected Http11ConnectionHandler cHandler = new Http11ConnectionHandler(this); protected JIoEndpoint endpoint = new JIoEndpoint(); + protected final AbstractEndpoint getEndpoint() { + return endpoint; + } // * protected ObjectName tpOname = null; Modified: tomcat/tc6.0.x/trunk/java/org/apache/jk/common/HandlerRequest.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jk/common/HandlerRequest.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/jk/common/HandlerRequest.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/jk/common/HandlerRequest.java Mon Jul 2 14:15:47 2012 @@ -183,6 +183,20 @@ public class HandlerRequest extends JkHa return delayInitialRead; } + /** + * Set the maximum number of headers in a request that are allowed. + */ + public void setMaxHeaderCount(int maxHeaderCount) { + this.maxHeaderCount = maxHeaderCount; + } + + /** + * Get the maximum number of headers in a request that are allowed. + */ + public int getMaxHeaderCount() { + return maxHeaderCount; + } + // -------------------- Ajp13.id -------------------- private void generateAjp13Id() { @@ -229,12 +243,18 @@ public class HandlerRequest extends JkHa private int secretNote; private int tmpBufNote; + /** + * The maximum number of headers in a request that are allowed. + * 100 by default. A value of less than 0 means no limit. + */ + private int maxHeaderCount = 100; // as in Apache HTTPD server + private boolean decoded=true; private boolean tomcatAuthentication=true; private boolean registerRequests=true; private boolean shutdownEnabled=false; private boolean delayInitialRead = true; - + public int invoke(Msg msg, MsgContext ep ) throws IOException { int type=msg.getByte(); @@ -564,6 +584,9 @@ public class HandlerRequest extends JkHa // Decode headers MimeHeaders headers = req.getMimeHeaders(); + // Set this every time in case limit has been changed via JMX + req.getMimeHeaders().setLimit(maxHeaderCount); + int hCount = msg.getInt(); for(int i = 0 ; i < hCount ; i++) { String hName = null; Modified: tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkCoyoteHandler.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkCoyoteHandler.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkCoyoteHandler.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkCoyoteHandler.java Mon Jul 2 14:15:47 2012 @@ -103,7 +103,7 @@ public class JkCoyoteHandler extends JkH } return jkMain; } - + boolean started=false; /** Start the protocol Modified: tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkMain.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkMain.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkMain.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/jk/server/JkMain.java Mon Jul 2 14:15:47 2012 @@ -151,7 +151,19 @@ public class JkMain implements MBeanRegi } props.put( n, v ); if( started ) { + // Replacements need special processing only when started==true, + // because preProcessProperties() handles them during startup. + String alias = (String) replacements.get(n); + if (alias != null) { + props.put( alias, v ); + if (log.isDebugEnabled()) { + log.debug("Substituting " + n + " " + alias + " " + v); + } + } processProperty( n, v ); + if (alias != null) { + processProperty( alias, v ); + } saveProperties(); } } @@ -533,6 +545,7 @@ public class JkMain implements MBeanRegi replacements.put("bufferSize", "channelSocket.bufferSize"); replacements.put("tomcatAuthentication", "request.tomcatAuthentication"); replacements.put("packetSize", "channelSocket.packetSize"); + replacements.put("maxHeaderCount", "request.maxHeaderCount"); } private void preProcessProperties() { Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties Mon Jul 2 14:15:47 2012 @@ -22,3 +22,5 @@ parameters.invalidChunk=Invalid chunk st parameters.maxCountFail=More than the maximum number of request parameters (GET plus POST) for a single request ([{0}]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector. parameters.multipleDecodingFail=Character decoding failed. A total of [{0}] failures were detected but only the first was logged. Enable debug level logging for this logger to log all failures. parameters.noequal=Parameter starting at position [{0}] and ending at position [{1}] with a value of [{0}] was not followed by an '=' character + +headers.maxCountFail=More than the maximum allowed number of headers ([{0}]) were detected. Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/MimeHeaders.java Mon Jul 2 14:15:47 2012 @@ -22,6 +22,7 @@ import java.io.StringWriter; import java.util.Enumeration; import org.apache.tomcat.util.buf.MessageBytes; +import org.apache.tomcat.util.res.StringManager; /* XXX XXX XXX Need a major rewrite !!!! */ @@ -96,7 +97,10 @@ public class MimeHeaders { * XXX make it configurable ( fine-tuning of web-apps ) */ public static final int DEFAULT_HEADER_SIZE=8; - + + private static final StringManager sm = + StringManager.getManager("org.apache.tomcat.util.http"); + /** * The header fields. */ @@ -109,12 +113,30 @@ public class MimeHeaders { private int count; /** + * The limit on the number of header fields. + */ + private int limit = -1; + + /** * Creates a new MimeHeaders object using a default buffer size. */ public MimeHeaders() { } /** + * Set limit on the number of header fields. + */ + public void setLimit(int limit) { + this.limit = limit; + if (limit > 0 && headers.length > limit && count < limit) { + // shrink header list array + MimeHeaderField tmp[] = new MimeHeaderField[limit]; + System.arraycopy(headers, 0, tmp, 0, count); + headers = tmp; + } + } + + /** * Clears all header fields. */ // [seguin] added for consistency -- most other objects have recycle(). @@ -218,11 +240,19 @@ public class MimeHeaders { * field has not had its name or value initialized. */ private MimeHeaderField createHeader() { + if (limit > -1 && count >= limit) { + throw new IllegalStateException(sm.getString( + "headers.maxCountFail", Integer.valueOf(limit))); + } MimeHeaderField mh; int len = headers.length; if (count >= len) { // expand header list array - MimeHeaderField tmp[] = new MimeHeaderField[count * 2]; + int newLength = count * 2; + if (limit > 0 && newLength > limit) { + newLength = limit; + } + MimeHeaderField tmp[] = new MimeHeaderField[newLength]; System.arraycopy(headers, 0, tmp, 0, len); headers = tmp; } Added: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1356239&view=auto ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (added) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Mon Jul 2 14:15:47 2012 @@ -0,0 +1,33 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.net; + +public class AbstractEndpoint { + + /** + * The maximum number of headers in a request that are allowed. + * 100 by default. A value of less than 0 means no limit. + */ + private int maxHeaderCount = 100; // as in Apache HTTPD server + public int getMaxHeaderCount() { + return maxHeaderCount; + } + public void setMaxHeaderCount(int maxHeaderCount) { + this.maxHeaderCount = maxHeaderCount; + } + +} Propchange: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Mon Jul 2 14:15:47 2012 @@ -55,7 +55,7 @@ import org.apache.tomcat.util.res.String * @author Mladen Turk * @author Remy Maucherat */ -public class AprEndpoint { +public class AprEndpoint extends AbstractEndpoint { // -------------------------------------------------------------- Constants Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java Mon Jul 2 14:15:47 2012 @@ -45,7 +45,7 @@ import org.apache.tomcat.util.res.String * @author Yoav Shapira * @author Remy Maucherat */ -public class JIoEndpoint { +public class JIoEndpoint extends AbstractEndpoint { // -------------------------------------------------------------- Constants Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Mon Jul 2 14:15:47 2012 @@ -77,7 +77,7 @@ import org.apache.tomcat.util.res.String * @author Remy Maucherat * @author Filip Hanik */ -public class NioEndpoint { +public class NioEndpoint extends AbstractEndpoint { // -------------------------------------------------------------- Constants Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Jul 2 14:15:47 2012 @@ -186,6 +186,20 @@ <fix> Improve <code>InternalNioInputBuffer.parseHeaders()</code>. (kkolinko) </fix> + <add> + Implement <code>maxHeaderCount</code> attribute on Connector. + It is equivalent of LimitRequestFields directive of + <a href="http://httpd.apache.org/">Apache HTTPD</a>. + Default value is 100. (kkolinko) + </add> + <fix> + In JkCoyoteHandler connector for AJP/1.3 protocol + (in <code>JkMain.setProperty()</code>): + Fix setting of properties when connector has already started for + properties that have aliases. E.g. it now allows to change + <code>maxHeaderCount</code> attribute on Connector MBean via JMX. + (kkolinko) + </fix> </changelog> </subsection> <subsection name="Jasper"> Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml Mon Jul 2 14:15:47 2012 @@ -93,6 +93,13 @@ By default, DNS lookups are disabled.</p> </attribute> + <attribute name="maxHeaderCount" required="false"> + <p>The maximum number of headers in a request that are allowed by the + container. A request that contains more headers than the specified limit + will be rejected. A value of less than 0 means no limit. + If not specified, a default of 100 is used.</p> + </attribute> + <attribute name="maxParameterCount" required="false"> <p>The maximum number of parameters (GET plus POST) which will be automatically parsed by the container. A value of less than 0 means no Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml?rev=1356239&r1=1356238&r2=1356239&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml Mon Jul 2 14:15:47 2012 @@ -100,6 +100,13 @@ By default, DNS lookups are disabled.</p> </attribute> + <attribute name="maxHeaderCount" required="false"> + <p>The maximum number of headers in a request that are allowed by the + container. A request that contains more headers than the specified limit + will be rejected. A value of less than 0 means no limit. + If not specified, a default of 100 is used.</p> + </attribute> + <attribute name="maxParameterCount" required="false"> <p>The maximum number of parameters (GET plus POST) which will be automatically parsed by the container. A value of less than 0 means no --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org