Author: norman
Date: Tue Jan 25 08:45:50 2011
New Revision: 1063172
URL: http://svn.apache.org/viewvc?rev=1063172&view=rev
Log:
Don't disconnect on the first request without a tag as clients sometimes send
invalid request. Also introduce a setting to disconnect after x invalid
commands (without a valid command between). See IMAP-249
Modified:
james/imap/trunk/message/src/main/java/org/apache/james/imap/decode/main/DefaultImapDecoder.java
Modified:
james/imap/trunk/message/src/main/java/org/apache/james/imap/decode/main/DefaultImapDecoder.java
URL:
http://svn.apache.org/viewvc/james/imap/trunk/message/src/main/java/org/apache/james/imap/decode/main/DefaultImapDecoder.java?rev=1063172&r1=1063171&r2=1063172&view=diff
==============================================================================
---
james/imap/trunk/message/src/main/java/org/apache/james/imap/decode/main/DefaultImapDecoder.java
(original)
+++
james/imap/trunk/message/src/main/java/org/apache/james/imap/decode/main/DefaultImapDecoder.java
Tue Jan 25 08:45:50 2011
@@ -41,10 +41,21 @@ public class DefaultImapDecoder implemen
private final ImapCommandParserFactory imapCommands;
+ private int maxInvalidCommands;
+
+ private final static String INVALID_COMMAND_COUNT =
"INVALID_COMMAND_COUNT";
+ public final static int DEFAULT_MAX_INVALID_COMMANDS = 9;
+
public DefaultImapDecoder(final StatusResponseFactory responseFactory,
final ImapCommandParserFactory imapCommands) {
+ this(responseFactory, imapCommands, DEFAULT_MAX_INVALID_COMMANDS);
+ }
+
+ public DefaultImapDecoder(final StatusResponseFactory responseFactory,
+ final ImapCommandParserFactory imapCommands, int
maxInvalidCommands) {
this.responseFactory = responseFactory;
this.imapCommands = imapCommands;
+ this.maxInvalidCommands = maxInvalidCommands;
}
/*
@@ -60,12 +71,7 @@ public class DefaultImapDecoder implemen
message = decodeCommandTagged(request, tag, session);
} catch (DecodingException e) {
logger.debug("Cannot parse tag", e);
-
- // When the tag cannot be read, there is something seriously wrong.
- // It is probably not possible to recover
- // and (since this may indicate an attack) wiser not to try
- message = responseFactory.bye(HumanReadableText.ILLEGAL_TAG);
- session.logout();
+ message = unknownCommand(null, session);
}
return message;
}
@@ -92,14 +98,28 @@ public class DefaultImapDecoder implemen
private ImapMessage unknownCommand(final String tag,
final ImapSession session) {
ImapMessage message;
- if (session.getState() == ImapSessionState.NON_AUTHENTICATED) {
+ Object c = session.getAttribute(INVALID_COMMAND_COUNT);
+ int count = 0;
+ if (c != null) {
+ count = (Integer) c;
+ }
+ count++;
+ if (count > maxInvalidCommands || session.getState() ==
ImapSessionState.NON_AUTHENTICATED) {
message = responseFactory
.bye(HumanReadableText.BYE_UNKNOWN_COMMAND);
session.logout();
} else {
- message = responseFactory.taggedBad(tag, null,
- HumanReadableText.UNKNOWN_COMMAND);
+ session.setAttribute(INVALID_COMMAND_COUNT, count);
+ if (tag == null) {
+ message =
responseFactory.untaggedBad(HumanReadableText.UNKNOWN_COMMAND);
+ } else {
+ message = responseFactory.taggedBad(tag, null,
+ HumanReadableText.UNKNOWN_COMMAND);
+ }
+
}
+
+
return message;
}
@@ -116,6 +136,7 @@ public class DefaultImapDecoder implemen
message = unknownCommand(tag, session);
} else {
message = command.parse(request, tag, session);
+ session.setAttribute(INVALID_COMMAND_COUNT, 0);
}
return message;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
