[ https://issues.apache.org/jira/browse/QPID-7806?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alex Rudyy updated QPID-7806:
-----------------------------
    Description: 
Slow connection ticker is running until one of the following conditions is true:
* authenticated subject is set on a connection
* timeout expires

In an AMQP 1.0 connection the subject is set on finishing SASL negotiation, before
receiving the AMQP header and OPEN performative. If an authenticated client does not
send the AMQP header and/or OPEN performative (or sending them takes an
unreasonably long time) due to a bug or malicious intention, the Broker might
end up with not fully established connections consuming system resources. We
need to protect the Broker and run the Slow connection ticker on AMQP 1.0 until OPEN is
received and idle timeout is negotiated.

  was:
Slow connection ticker is running until one of the following conditions is true:
* authenticated subject is set on a connection
* timeout expires

In an AMQP 1.0 connection the subject is set on finishing SASL negotiation, before
receiving the AMQP header and OPEN performative. If a client does not send the AMQP
header and/or OPEN performative (or sending them takes an unreasonably long
time) due to a bug or malicious intention, the Broker might end up with not
fully established connections consuming system resources. We need to protect
the Broker and run the Slow connection ticker on AMQP 1.0 until OPEN is received and
idle timeout is negotiated.


> [Java Broker] [AMQP 1.0] Slow connection ticker should be running until OPEN 
> performative is received or timeout expires
> ------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-7806
>                 URL: https://issues.apache.org/jira/browse/QPID-7806
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: qpid-java-broker-7.0.0
>            Reporter: Alex Rudyy
>
> Slow connection ticker is running until one of the following conditions is
> true:
> * authenticated subject is set on a connection
> * timeout expires
> In an AMQP 1.0 connection the subject is set on finishing SASL negotiation,
> before receiving the AMQP header and OPEN performative. If an authenticated client
> does not send the AMQP header and/or OPEN performative (or sending them
> takes an unreasonably long time) due to a bug or malicious intention, the Broker
> might end up with not fully established connections consuming system
> resources. We need to protect the Broker and run the Slow connection ticker on AMQP
> 1.0 until OPEN is received and idle timeout is negotiated.
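
The two stop conditions discussed in the issue, side by side, as an added illustration that is not Qpid code and not part of the original message. The class, method names, event names and the 10-second timeout are assumptions made for the example; it models a connection that completes SASL and then goes silent.

```java
// Hypothetical model of a per-connection slow-connection ticker; not Qpid's classes.
public class SlowConnectionTickerDemo {
    enum Event { SASL_COMPLETE, AMQP_HEADER, OPEN }

    static final class Connection {
        final long createdAt;   // ms, time the connection was accepted
        boolean subjectSet;     // set when SASL negotiation finishes
        boolean openReceived;   // set when the OPEN performative arrives
        boolean closed;
        Connection(long createdAt) { this.createdAt = createdAt; }
        void on(Event e) {
            if (e == Event.SASL_COMPLETE) subjectSet = true;
            if (e == Event.OPEN) openReceived = true;
        }
    }

    // stopOnSubject=true: ticker stops once the authenticated subject is set.
    // stopOnSubject=false: ticker keeps running until OPEN is received.
    static boolean tickerActive(Connection c, boolean stopOnSubject) {
        boolean done = stopOnSubject ? c.subjectSet : c.openReceived;
        return !c.closed && !done;
    }

    // Called periodically; closes the connection once the handshake deadline has passed.
    static void tick(Connection c, long now, long timeoutMs, boolean stopOnSubject) {
        if (tickerActive(c, stopOnSubject) && now - c.createdAt >= timeoutMs) {
            c.closed = true;
        }
    }

    public static void main(String[] args) {
        long timeoutMs = 10_000; // constructed value for the example
        for (boolean stopOnSubject : new boolean[] { true, false }) {
            Connection stalled = new Connection(0);
            stalled.on(Event.SASL_COMPLETE);   // authenticates, then never sends header/OPEN
            Connection healthy = new Connection(0);
            healthy.on(Event.SASL_COMPLETE);
            healthy.on(Event.AMQP_HEADER);
            healthy.on(Event.OPEN);            // after OPEN, idle timeout handling would take over
            for (long now = 0; now <= 60_000; now += 1_000) {
                tick(stalled, now, timeoutMs, stopOnSubject);
                tick(healthy, now, timeoutMs, stopOnSubject);
            }
            System.out.printf("stop-on-%s: stalled closed=%b, healthy closed=%b%n",
                    stopOnSubject ? "subject" : "OPEN", stalled.closed, healthy.closed);
        }
    }
}
```

With the stop-on-subject policy the stalled connection is never closed by the ticker; with the stop-on-OPEN policy it is closed at the deadline while the connection that completed OPEN is unaffected.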


