On Sat, 2006-12-09 at 20:12 +0100, Dirk Meyer wrote:
> remove some extra check, I hope we do not need it

We need it, but we should be able to modify the check a bit.


> +        # FIXME: why do we need this check? It does not for with kaa.beacon
> +        # when we have too much media mounted. Beacon sends all known media
> +        # information on connect, so the client receives authentication data
> +        # and more on startup.
> +        #
> +        # if buflen > 512 and not self._authenticated:
> +        #     # 512 bytes is plenty for authentication handshake.  Any more 
> than
> +        #     # that and something isn't right.
> +        #     log.warning("Too much data received from remote end before 
> authentication; disconnecting")
> +        #     self._handle_close()
> +        #     return
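
Review bot: with the `if buflen > 512 and not self._authenticated` test commented out, nothing in this hunk bounds how much data is buffered before authentication, so a peer that never authenticates can make the receiver keep allocating memory. Rather than leaving the old check as dead code under a FIXME, keep a pre-authentication limit that the legitimate startup traffic described in the comment still passes, or delete the block and record the reason in the commit message. The FIXME's "It does not for with kaa.beacon" also looks like a typo, presumably for "does not work with".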

This check prevents an unauthenticated client from DoSing the server by
causing the server to allocate arbitrarily sized amounts of memory.

It's tempting to say "well the client doesn't need to do this check,
only the server," but I think it is an important design goal to protect
both ends of the connection from anything nefarious prior to
authentication.

The server does defer sending any rpc commands until authentication is
completed, but there is a stage during authentication where the server
considers the connection authenticated when the client doesn't yet.

I think we can solve this rather by checking the buffer size, we assume
there is a full header at the front of the buffer, and peek at the
payload size stored in the header of the first rpc packet, and require
this size to not be larger than an auth packet.  If it is, then
disconnect.  I'll think about this some more and implement it if it
works.  It should fix your problem.

Jason.
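
The header-peek check proposed in the last paragraph above, as an added example (not kaa code and not part of the original message). The header layout, `PreAuthBuffer` and its method names are assumptions; only the 512-byte bound comes from the quoted check.

```python
import struct

# Assumed wire format (not taken from kaa.rpc): each packet starts with a
# fixed header of sequence number (uint32), packet type (1 byte) and
# payload length (uint32), in network byte order.
HEADER = struct.Struct("!IcI")
MAX_AUTH_PAYLOAD = 512  # bound from the quoted check, applied per packet


class PreAuthBuffer:
    """Receive buffer that limits what an unauthenticated peer can announce."""

    def __init__(self):
        self.buf = bytearray()
        self.authenticated = False
        self.closed = False

    def feed(self, data):
        """Append received bytes; return False if the connection was dropped."""
        if self.closed:
            return False
        self.buf += data
        if self.authenticated:
            return True
        if len(self.buf) < HEADER.size:
            # No full header yet; nothing to judge until more bytes arrive.
            return True
        _seq, _ptype, payload_len = HEADER.unpack_from(self.buf)
        if payload_len > MAX_AUTH_PAYLOAD:
            # The packet at the front cannot be an auth packet: disconnect.
            self.buf.clear()
            self.closed = True
            return False
        return True

    def next_packet(self):
        """Pop one complete packet as (seq, type, payload), or None."""
        if len(self.buf) < HEADER.size:
            return None
        seq, ptype, payload_len = HEADER.unpack_from(self.buf)
        end = HEADER.size + payload_len
        if len(self.buf) < end:
            return None
        payload = bytes(self.buf[HEADER.size:end])
        del self.buf[:end]
        return seq, ptype, payload
```

The check only inspects the packet at the front of the buffer, so the caller is expected to drain complete packets with `next_packet()` after each `feed()`.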


_______________________________________________
Freevo-devel mailing list
https://lists.sourceforge.net/lists/listinfo/freevo-devel
