2003-04-05 Havoc Pennington <hp@pobox.com>
+ * bus/bus.c (setup_server): fix this so dbus-daemon-1 doesn't
+ crash on startup. Need to get "try starting the daemon"
+ in the test suite I guess. ;-)
+
+ * dbus/dbus-server.h, dbus/dbus-server.c: remove the stuff that
+ tracked the number of open connections; it's better done in
+ application-specific code as you want it to span all servers etc.
+
+2003-04-05 Havoc Pennington <hp@pobox.com>
+
* bus/Makefile.am (install-data-hook): add missing DESTDIR,
patch from Colin Walters
BusConnections *connections;
BusActivation *activation;
BusRegistry *registry;
- DBusList *default_rules; /**< Default policy rules */
- DBusList *mandatory_rules; /**< Mandatory policy rules */
- DBusHashTable *rules_by_uid; /**< per-UID policy rules */
- DBusHashTable *rules_by_gid; /**< per-GID policy rules */
- int activation_timeout; /**< How long to wait for an activation to time out */
+ DBusList *default_rules; /**< Default policy rules */
+ DBusList *mandatory_rules; /**< Mandatory policy rules */
+ DBusHashTable *rules_by_uid; /**< per-UID policy rules */
+ DBusHashTable *rules_by_gid; /**< per-GID policy rules */
+ int activation_timeout; /**< How long to wait for an activation to time out */
+ int auth_timeout; /**< How long to wait for an authentication to time out */
+ int max_completed_connections; /**< Max number of authorized connections */
+ int max_incomplete_connections; /**< Max number of incomplete connections */
+ int max_connections_per_user; /**< Max number of connections auth'd as same user */
};
static int server_data_slot = -1;
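Review bot: The new `auth_timeout` field comment says what is timed but not the unit, and the same is true of `activation_timeout` next to it. The initialisation elsewhere in this commit (`context->auth_timeout = 3000; /* 3 seconds */`) implies milliseconds, so I would write `int auth_timeout; /**< Milliseconds to wait for authentication to complete before timing out */`. The three `max_*` limits are plain `int`, and a short remark on whether zero or a negative value has a meaning would help whoever later reads them from the configuration file. The struct definition begins outside this hunk.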
DBusError *error)
{
BusServerData *bd;
+
+ bd = dbus_new0 (BusServerData, 1);
+ if (!dbus_server_set_data (server,
+ server_data_slot,
+ bd, free_server_data))
+ {
+ dbus_free (bd);
+ BUS_SET_OOM (error);
+ return FALSE;
+ }
+
+ bd->context = context;
if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
{
return FALSE;
}
- bd = dbus_new0 (BusServerData, 1);
- if (!dbus_server_set_data (server,
- server_data_slot,
- bd, free_server_data))
- {
- dbus_free (bd);
- return FALSE;
- }
-
- bd->context = context;
-
return TRUE;
}
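Review bot: `bd` is used without checking the result of `dbus_new0`. If the allocation fails, NULL is passed to `dbus_server_set_data`, and if that call accepts NULL data then `bd->context = context` writes through a null pointer during daemon startup. The hunk already adds OOM reporting to this branch, so the check fits there: `if (bd == NULL || !dbus_server_set_data (server, server_data_slot, bd, free_server_data))`, assuming `dbus_free` tolerates NULL as `free` does. In the lines visible here, the `dbus_server_set_auth_mechanisms` failure path returns FALSE without `BUS_SET_OOM (error)`, which is worth confirming against the full file. The function signature starts outside the hunk.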
context->refcount = 1;
#ifdef DBUS_BUILD_TESTS
- context->activation_timeout = 6000; /* 6/10 second */ /* FIXME */
+ context->activation_timeout = 6000; /* 6 seconds */
#else
- context->activation_timeout = 10000; /* 10 seconds */
+ context->activation_timeout = 15000; /* 15 seconds */
#endif
+
+ /* Making this long risks making a DOS attack easier, but too short
+ * and legitimate auth will fail. If interactive auth (ask user for
+ * password) is allowed, then potentially it has to be quite long.
+ * Ultimately it needs to come from the configuration file.
+ */
+ context->auth_timeout = 3000; /* 3 seconds */
+
+ context->max_incomplete_connections = 32;
+ context->max_connections_per_user = 128;
+
+ /* Note that max_completed_connections / max_connections_per_user
+ * is the number of users that would have to work together to
+ * DOS all the other users.
+ */
+ context->max_completed_connections = 1024;
context->loop = bus_loop_new ();
if (context->loop == NULL)
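Review bot: `max_incomplete_connections = 32` is assigned with no rationale, although it is the only one of the new limits that applies before a peer has authenticated, and its effect depends on `auth_timeout` set just above. The DOS trade-off is explained for the timeout and for the completed/per-user ratio, but not for this value. I would add a comment along the lines of `/* Cap on connections still authenticating; each holds a slot for at most auth_timeout ms */`, provided that matches how the limit is enforced, which this hunk does not show. The ratio comment could also state the result for these defaults (1024 / 128 = 8 users), so a later change to either number is checked against it. The enclosing function starts and ends outside the hunk.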
server->connection_counter = _dbus_counter_new ();
if (server->connection_counter == NULL)
- goto failed;
-
- server->max_connections = 256; /* same as an X server, seems like a nice default */
+ goto failed;
_dbus_data_slot_list_init (&server->slot_list);
return TRUE;
}
-/**
- * Sets the maximum number of connections that can be open at one
- * time for this server. If the maximum is reached, and another
- * client tries to connect, then the oldest unauthenticated client
- * will be dropped. If no unauthenticated client exists, then
- * the new connection will be refused.
- *
- * If the maximum is set to a number lower than the current
- * number of connections, no current connections are
- * disconnected.
- *
- * @todo honoring max_connections has not been implemented
- * yet. The only real work involved is keeping a list
- * of live connections on the DBusServer so the oldest
- * unauthenticated client can be located when required.
- *
- * @todo for a systemwide daemon, we need a max number of connections
- * per user, since any user can authenticate a bunch of connections
- * and create a DOS.
- *
- * @todo a single process might listen on multiple mechanisms
- * (multiple DBusServer) and might want the max connections
- * value to span all those servers. Should consider
- * changing the API accordingly, though I'm inclined to
- * punt this to the app that wants to do it instead of
- * putting it in the library.
- *
- * @param server the server
- * @param max_connections maximum number of connections allowed
- */
-void
-dbus_server_set_max_connections (DBusServer *server,
- int max_connections)
-{
- server->max_connections = max_connections;
-}
-
-/**
- * Gets the maximum number of connections that can be active
- * at a time for this server.
- *
- * @param server the server
- * @returns maximum number of connections at once
- */
-int
-dbus_server_get_max_connections (DBusServer *server)
-{
- return server->max_connections;
-}
-
-/**
- * Gets the number of #DBusConnection to this server that
- * have not yet been finalized. i.e. all #DBusConnection that
- * were passed to #DBusNewConnectionFunction and have not yet been
- * finalized will count in this total.
- *
- * @param server the server
- * @returns the number of connections
- */
-int
-dbus_server_get_n_connections (DBusServer *server)
-{
- return _dbus_counter_get_value (server->connection_counter);
-}
-
static DBusDataSlotAllocator slot_allocator;
_DBUS_DEFINE_GLOBAL_LOCK (server_slots);
dbus_bool_t dbus_server_handle_watch (DBusServer *server,
DBusWatch *watch,
unsigned int condition);
-void dbus_server_set_max_connections (DBusServer *server,
- int max_connections);
-int dbus_server_get_max_connections (DBusServer *server);
-int dbus_server_get_n_connections (DBusServer *server);
-
dbus_bool_t dbus_server_set_auth_mechanisms (DBusServer *server,
const char **mechanisms);