diff options
author | teravus | 2013-10-07 21:35:55 -0500 |
---|---|---|
committer | teravus | 2013-10-07 21:35:55 -0500 |
commit | f76cc6036ebf446553ee5201321879538dafe3b2 (patch) | |
tree | 7e33eee605c3baf04a16422f06ac3986f0f27eaa | |
parent | * Added a unique and interesting WebSocket grid login processor by hijacking ... (diff) | |
download | opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.zip opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.gz opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.bz2 opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.xz |
* Added a Basic DOS protection container/base object for the most common HTTP Server handlers. XMLRPC Handler, GenericHttpHandler and <Various>StreamHandler
* Applied the XmlRpcBasicDOSProtector.cs to the login service as both an example, and good practice.
* Applied the BaseStreamHandlerBasicDOSProtector.cs to the friends service as an example of the DOS Protector on StreamHandlers
* Added CircularBuffer, used for CPU and Memory friendly rate monitoring.
* DosProtector has 2 states, 1. Just Check for blocked users and check general velocity, 2. Track velocity per user, It only jumps to 2 if it's getting a lot of requests, and state 1 is about as resource friendly as if it wasn't even there.
-rw-r--r-- | OpenSim/Framework/CircularBuffer.cs | 312 | ||||
-rw-r--r-- | OpenSim/Framework/Servers/HttpServer/BaseStreamHandlerBasicDOSProtector.cs | 233 | ||||
-rw-r--r-- | OpenSim/Framework/Servers/HttpServer/GenericHTTPBasicDOSProtector.cs | 238 | ||||
-rw-r--r-- | OpenSim/Framework/Servers/HttpServer/XmlRpcBasicDOSProtector.cs | 211 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/Avatar/Friends/FriendsRequestHandler.cs | 12 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/World/WorldMap/WorldMapModule.cs | 21 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs | 12 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Login/LLLoginHandlers.cs | 11 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs | 15 | ||||
-rw-r--r-- | ThirdPartyLicenses/CircularBuffer.txt | 16 | ||||
-rw-r--r-- | bin/Robust.ini.example | 19 | ||||
-rw-r--r-- | bin/config-include/StandaloneCommon.ini.example | 19 |
12 files changed, 1112 insertions, 7 deletions
diff --git a/OpenSim/Framework/CircularBuffer.cs b/OpenSim/Framework/CircularBuffer.cs new file mode 100644 index 0000000..e919337 --- /dev/null +++ b/OpenSim/Framework/CircularBuffer.cs | |||
@@ -0,0 +1,312 @@ | |||
1 | /* | ||
2 | Copyright (c) 2012, Alex Regueiro | ||
3 | All rights reserved. | ||
4 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the | ||
5 | following conditions are met: | ||
6 | |||
7 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. | ||
8 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer | ||
9 | in the documentation and/or other materials provided with the distribution. | ||
10 | |||
11 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, | ||
12 | BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
13 | IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, | ||
14 | OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, | ||
15 | OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | ||
16 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | ||
17 | POSSIBILITY OF SUCH DAMAGE. | ||
18 | */ | ||
19 | using System; | ||
20 | using System.Collections; | ||
21 | using System.Collections.Generic; | ||
22 | using System.Threading; | ||
23 | |||
24 | namespace OpenSim.Framework | ||
25 | { | ||
26 | public class CircularBuffer<T> : ICollection<T>, IEnumerable<T>, ICollection, IEnumerable | ||
27 | { | ||
28 | private int capacity; | ||
29 | private int size; | ||
30 | private int head; | ||
31 | private int tail; | ||
32 | private T[] buffer; | ||
33 | |||
34 | [NonSerialized()] | ||
35 | private object syncRoot; | ||
36 | |||
37 | public CircularBuffer(int capacity) | ||
38 | : this(capacity, false) | ||
39 | { | ||
40 | } | ||
41 | |||
42 | public CircularBuffer(int capacity, bool allowOverflow) | ||
43 | { | ||
44 | if (capacity < 0) | ||
45 | throw new ArgumentException("Needs to have at least 1","capacity"); | ||
46 | |||
47 | this.capacity = capacity; | ||
48 | size = 0; | ||
49 | head = 0; | ||
50 | tail = 0; | ||
51 | buffer = new T[capacity]; | ||
52 | AllowOverflow = allowOverflow; | ||
53 | } | ||
54 | |||
55 | public bool AllowOverflow | ||
56 | { | ||
57 | get; | ||
58 | set; | ||
59 | } | ||
60 | |||
61 | public int Capacity | ||
62 | { | ||
63 | get { return capacity; } | ||
64 | set | ||
65 | { | ||
66 | if (value == capacity) | ||
67 | return; | ||
68 | |||
69 | if (value < size) | ||
70 | throw new ArgumentOutOfRangeException("value","Capacity is too small."); | ||
71 | |||
72 | var dst = new T[value]; | ||
73 | if (size > 0) | ||
74 | CopyTo(dst); | ||
75 | buffer = dst; | ||
76 | |||
77 | capacity = value; | ||
78 | } | ||
79 | } | ||
80 | |||
81 | public int Size | ||
82 | { | ||
83 | get { return size; } | ||
84 | } | ||
85 | |||
86 | public bool Contains(T item) | ||
87 | { | ||
88 | int bufferIndex = head; | ||
89 | var comparer = EqualityComparer<T>.Default; | ||
90 | for (int i = 0; i < size; i++, bufferIndex++) | ||
91 | { | ||
92 | if (bufferIndex == capacity) | ||
93 | bufferIndex = 0; | ||
94 | |||
95 | if (item == null && buffer[bufferIndex] == null) | ||
96 | return true; | ||
97 | else if ((buffer[bufferIndex] != null) && | ||
98 | comparer.Equals(buffer[bufferIndex], item)) | ||
99 | return true; | ||
100 | } | ||
101 | |||
102 | return false; | ||
103 | } | ||
104 | |||
105 | public void Clear() | ||
106 | { | ||
107 | size = 0; | ||
108 | head = 0; | ||
109 | tail = 0; | ||
110 | } | ||
111 | |||
112 | public int Put(T[] src) | ||
113 | { | ||
114 | return Put(src, 0, src.Length); | ||
115 | } | ||
116 | |||
117 | public int Put(T[] src, int offset, int count) | ||
118 | { | ||
119 | if (!AllowOverflow && count > capacity - size) | ||
120 | throw new InvalidOperationException("Buffer Overflow"); | ||
121 | |||
122 | int srcIndex = offset; | ||
123 | for (int i = 0; i < count; i++, tail++, srcIndex++) | ||
124 | { | ||
125 | if (tail == capacity) | ||
126 | tail = 0; | ||
127 | buffer[tail] = src[srcIndex]; | ||
128 | } | ||
129 | size = Math.Min(size + count, capacity); | ||
130 | return count; | ||
131 | } | ||
132 | |||
133 | public void Put(T item) | ||
134 | { | ||
135 | if (!AllowOverflow && size == capacity) | ||
136 | throw new InvalidOperationException("Buffer Overflow"); | ||
137 | |||
138 | buffer[tail] = item; | ||
139 | if (++tail == capacity) | ||
140 | tail = 0; | ||
141 | size++; | ||
142 | } | ||
143 | |||
144 | public void Skip(int count) | ||
145 | { | ||
146 | head += count; | ||
147 | if (head >= capacity) | ||
148 | head -= capacity; | ||
149 | } | ||
150 | |||
151 | public T[] Get(int count) | ||
152 | { | ||
153 | var dst = new T[count]; | ||
154 | Get(dst); | ||
155 | return dst; | ||
156 | } | ||
157 | |||
158 | public int Get(T[] dst) | ||
159 | { | ||
160 | return Get(dst, 0, dst.Length); | ||
161 | } | ||
162 | |||
163 | public int Get(T[] dst, int offset, int count) | ||
164 | { | ||
165 | int realCount = Math.Min(count, size); | ||
166 | int dstIndex = offset; | ||
167 | for (int i = 0; i < realCount; i++, head++, dstIndex++) | ||
168 | { | ||
169 | if (head == capacity) | ||
170 | head = 0; | ||
171 | dst[dstIndex] = buffer[head]; | ||
172 | } | ||
173 | size -= realCount; | ||
174 | return realCount; | ||
175 | } | ||
176 | |||
177 | public T Get() | ||
178 | { | ||
179 | if (size == 0) | ||
180 | throw new InvalidOperationException("Buffer Empty"); | ||
181 | |||
182 | var item = buffer[head]; | ||
183 | if (++head == capacity) | ||
184 | head = 0; | ||
185 | size--; | ||
186 | return item; | ||
187 | } | ||
188 | |||
189 | public void CopyTo(T[] array) | ||
190 | { | ||
191 | CopyTo(array, 0); | ||
192 | } | ||
193 | |||
194 | public void CopyTo(T[] array, int arrayIndex) | ||
195 | { | ||
196 | CopyTo(0, array, arrayIndex, size); | ||
197 | } | ||
198 | |||
199 | public void CopyTo(int index, T[] array, int arrayIndex, int count) | ||
200 | { | ||
201 | if (count > size) | ||
202 | throw new ArgumentOutOfRangeException("count", "Count Too Large"); | ||
203 | |||
204 | int bufferIndex = head; | ||
205 | for (int i = 0; i < count; i++, bufferIndex++, arrayIndex++) | ||
206 | { | ||
207 | if (bufferIndex == capacity) | ||
208 | bufferIndex = 0; | ||
209 | array[arrayIndex] = buffer[bufferIndex]; | ||
210 | } | ||
211 | } | ||
212 | |||
213 | public IEnumerator<T> GetEnumerator() | ||
214 | { | ||
215 | int bufferIndex = head; | ||
216 | for (int i = 0; i < size; i++, bufferIndex++) | ||
217 | { | ||
218 | if (bufferIndex == capacity) | ||
219 | bufferIndex = 0; | ||
220 | |||
221 | yield return buffer[bufferIndex]; | ||
222 | } | ||
223 | } | ||
224 | |||
225 | public T[] GetBuffer() | ||
226 | { | ||
227 | return buffer; | ||
228 | } | ||
229 | |||
230 | public T[] ToArray() | ||
231 | { | ||
232 | var dst = new T[size]; | ||
233 | CopyTo(dst); | ||
234 | return dst; | ||
235 | } | ||
236 | |||
237 | #region ICollection<T> Members | ||
238 | |||
239 | int ICollection<T>.Count | ||
240 | { | ||
241 | get { return Size; } | ||
242 | } | ||
243 | |||
244 | bool ICollection<T>.IsReadOnly | ||
245 | { | ||
246 | get { return false; } | ||
247 | } | ||
248 | |||
249 | void ICollection<T>.Add(T item) | ||
250 | { | ||
251 | Put(item); | ||
252 | } | ||
253 | |||
254 | bool ICollection<T>.Remove(T item) | ||
255 | { | ||
256 | if (size == 0) | ||
257 | return false; | ||
258 | |||
259 | Get(); | ||
260 | return true; | ||
261 | } | ||
262 | |||
263 | #endregion | ||
264 | |||
265 | #region IEnumerable<T> Members | ||
266 | |||
267 | IEnumerator<T> IEnumerable<T>.GetEnumerator() | ||
268 | { | ||
269 | return GetEnumerator(); | ||
270 | } | ||
271 | |||
272 | #endregion | ||
273 | |||
274 | #region ICollection Members | ||
275 | |||
276 | int ICollection.Count | ||
277 | { | ||
278 | get { return Size; } | ||
279 | } | ||
280 | |||
281 | bool ICollection.IsSynchronized | ||
282 | { | ||
283 | get { return false; } | ||
284 | } | ||
285 | |||
286 | object ICollection.SyncRoot | ||
287 | { | ||
288 | get | ||
289 | { | ||
290 | if (syncRoot == null) | ||
291 | Interlocked.CompareExchange(ref syncRoot, new object(), null); | ||
292 | return syncRoot; | ||
293 | } | ||
294 | } | ||
295 | |||
296 | void ICollection.CopyTo(Array array, int arrayIndex) | ||
297 | { | ||
298 | CopyTo((T[])array, arrayIndex); | ||
299 | } | ||
300 | |||
301 | #endregion | ||
302 | |||
303 | #region IEnumerable Members | ||
304 | |||
305 | IEnumerator IEnumerable.GetEnumerator() | ||
306 | { | ||
307 | return (IEnumerator)GetEnumerator(); | ||
308 | } | ||
309 | |||
310 | #endregion | ||
311 | } | ||
312 | } | ||
diff --git a/OpenSim/Framework/Servers/HttpServer/BaseStreamHandlerBasicDOSProtector.cs b/OpenSim/Framework/Servers/HttpServer/BaseStreamHandlerBasicDOSProtector.cs new file mode 100644 index 0000000..8fc9a8a --- /dev/null +++ b/OpenSim/Framework/Servers/HttpServer/BaseStreamHandlerBasicDOSProtector.cs | |||
@@ -0,0 +1,233 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | using OpenSim.Framework; | ||
28 | using System.Collections.Generic; | ||
29 | using System.IO; | ||
30 | using System.Reflection; | ||
31 | using log4net; | ||
32 | |||
33 | namespace OpenSim.Framework.Servers.HttpServer | ||
34 | { | ||
35 | /// <summary> | ||
36 | /// BaseStreamHandlerBasicDOSProtector Base streamed request handler. | ||
37 | /// </summary> | ||
38 | /// <remarks> | ||
39 | /// Inheriting classes should override ProcessRequest() rather than Handle() | ||
40 | /// </remarks> | ||
41 | public abstract class BaseStreamHandlerBasicDOSProtector : BaseRequestHandler, IStreamedRequestHandler | ||
42 | { | ||
43 | private readonly CircularBuffer<int> _generalRequestTimes; | ||
44 | private readonly BasicDosProtectorOptions _options; | ||
45 | private readonly Dictionary<string, CircularBuffer<int>> _deeperInspection; | ||
46 | private readonly Dictionary<string, int> _tempBlocked; | ||
47 | private readonly System.Timers.Timer _forgetTimer; | ||
48 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
49 | private readonly System.Threading.ReaderWriterLockSlim _lockSlim = new System.Threading.ReaderWriterLockSlim(); | ||
50 | |||
51 | protected BaseStreamHandlerBasicDOSProtector(string httpMethod, string path, BasicDosProtectorOptions options) : this(httpMethod, path, null, null, options) {} | ||
52 | |||
53 | protected BaseStreamHandlerBasicDOSProtector(string httpMethod, string path, string name, string description, BasicDosProtectorOptions options) | ||
54 | : base(httpMethod, path, name, description) | ||
55 | { | ||
56 | _generalRequestTimes = new CircularBuffer<int>(options.MaxRequestsInTimeframe + 1, true); | ||
57 | _generalRequestTimes.Put(0); | ||
58 | _options = options; | ||
59 | _deeperInspection = new Dictionary<string, CircularBuffer<int>>(); | ||
60 | _tempBlocked = new Dictionary<string, int>(); | ||
61 | _forgetTimer = new System.Timers.Timer(); | ||
62 | _forgetTimer.Elapsed += delegate | ||
63 | { | ||
64 | _forgetTimer.Enabled = false; | ||
65 | |||
66 | List<string> removes = new List<string>(); | ||
67 | _lockSlim.EnterReadLock(); | ||
68 | foreach (string str in _tempBlocked.Keys) | ||
69 | { | ||
70 | if ( | ||
71 | Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), | ||
72 | _tempBlocked[str]) > 0) | ||
73 | removes.Add(str); | ||
74 | } | ||
75 | _lockSlim.ExitReadLock(); | ||
76 | lock (_deeperInspection) | ||
77 | { | ||
78 | _lockSlim.EnterWriteLock(); | ||
79 | for (int i = 0; i < removes.Count; i++) | ||
80 | { | ||
81 | _tempBlocked.Remove(removes[i]); | ||
82 | _deeperInspection.Remove(removes[i]); | ||
83 | } | ||
84 | _lockSlim.ExitWriteLock(); | ||
85 | } | ||
86 | foreach (string str in removes) | ||
87 | { | ||
88 | m_log.InfoFormat("[{0}] client: {1} is no longer blocked.", | ||
89 | _options.ReportingName, str); | ||
90 | } | ||
91 | _lockSlim.EnterReadLock(); | ||
92 | if (_tempBlocked.Count > 0) | ||
93 | _forgetTimer.Enabled = true; | ||
94 | _lockSlim.ExitReadLock(); | ||
95 | }; | ||
96 | |||
97 | _forgetTimer.Interval = _options.ForgetTimeSpan.TotalMilliseconds; | ||
98 | } | ||
99 | |||
100 | public virtual byte[] Handle( | ||
101 | string path, Stream request, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse) | ||
102 | { | ||
103 | byte[] result; | ||
104 | RequestsReceived++; | ||
105 | //httpRequest.Headers | ||
106 | |||
107 | if (_options.MaxRequestsInTimeframe < 1 || _options.RequestTimeSpan.TotalMilliseconds < 1) | ||
108 | { | ||
109 | result = ProcessRequest(path, request, httpRequest, httpResponse); | ||
110 | RequestsHandled++; | ||
111 | return result; | ||
112 | |||
113 | } | ||
114 | |||
115 | string clientstring = GetClientString(httpRequest); | ||
116 | |||
117 | _lockSlim.EnterReadLock(); | ||
118 | if (_tempBlocked.ContainsKey(clientstring)) | ||
119 | { | ||
120 | _lockSlim.ExitReadLock(); | ||
121 | |||
122 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
123 | { | ||
124 | result = ThrottledRequest(path, request, httpRequest, httpResponse); | ||
125 | RequestsHandled++; | ||
126 | return result; | ||
127 | } | ||
128 | else | ||
129 | throw new System.Security.SecurityException("Throttled"); | ||
130 | } | ||
131 | _lockSlim.ExitReadLock(); | ||
132 | |||
133 | _generalRequestTimes.Put(Util.EnvironmentTickCount()); | ||
134 | |||
135 | if (_generalRequestTimes.Size == _generalRequestTimes.Capacity && | ||
136 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _generalRequestTimes.Get()) < | ||
137 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
138 | { | ||
139 | //Trigger deeper inspection | ||
140 | if (DeeperInspection(httpRequest)) | ||
141 | { | ||
142 | result = ProcessRequest(path, request, httpRequest, httpResponse); | ||
143 | RequestsHandled++; | ||
144 | return result; | ||
145 | } | ||
146 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
147 | { | ||
148 | result = ThrottledRequest(path, request, httpRequest, httpResponse); | ||
149 | RequestsHandled++; | ||
150 | return result; | ||
151 | } | ||
152 | else | ||
153 | throw new System.Security.SecurityException("Throttled"); | ||
154 | } | ||
155 | |||
156 | result =ProcessRequest(path, request, httpRequest, httpResponse); | ||
157 | RequestsHandled++; | ||
158 | |||
159 | return result; | ||
160 | } | ||
161 | |||
162 | protected virtual byte[] ProcessRequest( | ||
163 | string path, Stream request, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse) | ||
164 | { | ||
165 | return null; | ||
166 | } | ||
167 | |||
168 | protected virtual byte[] ThrottledRequest( | ||
169 | string path, Stream request, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse) | ||
170 | { | ||
171 | return new byte[0]; | ||
172 | } | ||
173 | |||
174 | private bool DeeperInspection(IOSHttpRequest httpRequest) | ||
175 | { | ||
176 | lock (_deeperInspection) | ||
177 | { | ||
178 | string clientstring = GetClientString(httpRequest); | ||
179 | |||
180 | |||
181 | if (_deeperInspection.ContainsKey(clientstring)) | ||
182 | { | ||
183 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
184 | if (_deeperInspection[clientstring].Size == _deeperInspection[clientstring].Capacity && | ||
185 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _deeperInspection[clientstring].Get()) < | ||
186 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
187 | { | ||
188 | _lockSlim.EnterWriteLock(); | ||
189 | if (!_tempBlocked.ContainsKey(clientstring)) | ||
190 | _tempBlocked.Add(clientstring, Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds); | ||
191 | else | ||
192 | _tempBlocked[clientstring] = Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds; | ||
193 | _lockSlim.ExitWriteLock(); | ||
194 | |||
195 | m_log.WarnFormat("[{0}]: client: {1} is blocked for {2} milliseconds, X-ForwardedForAllowed status is {3}, endpoint:{4}", _options.ReportingName, clientstring, _options.ForgetTimeSpan.TotalMilliseconds, _options.AllowXForwardedFor, GetRemoteAddr(httpRequest)); | ||
196 | return false; | ||
197 | } | ||
198 | //else | ||
199 | // return true; | ||
200 | } | ||
201 | else | ||
202 | { | ||
203 | _deeperInspection.Add(clientstring, new CircularBuffer<int>(_options.MaxRequestsInTimeframe + 1, true)); | ||
204 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
205 | _forgetTimer.Enabled = true; | ||
206 | } | ||
207 | |||
208 | } | ||
209 | return true; | ||
210 | } | ||
211 | private string GetRemoteAddr(IOSHttpRequest httpRequest) | ||
212 | { | ||
213 | string remoteaddr = string.Empty; | ||
214 | if (httpRequest.Headers["remote_addr"] != null) | ||
215 | remoteaddr = httpRequest.Headers["remote_addr"]; | ||
216 | |||
217 | return remoteaddr; | ||
218 | } | ||
219 | |||
220 | private string GetClientString(IOSHttpRequest httpRequest) | ||
221 | { | ||
222 | string clientstring = string.Empty; | ||
223 | |||
224 | if (_options.AllowXForwardedFor && httpRequest.Headers["x-forwarded-for"] != null) | ||
225 | clientstring = httpRequest.Headers["x-forwarded-for"]; | ||
226 | else | ||
227 | clientstring = GetRemoteAddr(httpRequest); | ||
228 | |||
229 | return clientstring; | ||
230 | |||
231 | } | ||
232 | } | ||
233 | } | ||
diff --git a/OpenSim/Framework/Servers/HttpServer/GenericHTTPBasicDOSProtector.cs b/OpenSim/Framework/Servers/HttpServer/GenericHTTPBasicDOSProtector.cs new file mode 100644 index 0000000..5fc999a --- /dev/null +++ b/OpenSim/Framework/Servers/HttpServer/GenericHTTPBasicDOSProtector.cs | |||
@@ -0,0 +1,238 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections; | ||
30 | using System.Collections.Generic; | ||
31 | using System.Reflection; | ||
32 | using System.Net; | ||
33 | using OpenSim.Framework; | ||
34 | using log4net; | ||
35 | |||
36 | namespace OpenSim.Framework.Servers.HttpServer | ||
37 | { | ||
38 | public class GenericHTTPDOSProtector | ||
39 | { | ||
40 | private readonly GenericHTTPMethod _normalMethod; | ||
41 | private readonly GenericHTTPMethod _throttledMethod; | ||
42 | private readonly CircularBuffer<int> _generalRequestTimes; | ||
43 | private readonly BasicDosProtectorOptions _options; | ||
44 | private readonly Dictionary<string, CircularBuffer<int>> _deeperInspection; | ||
45 | private readonly Dictionary<string, int> _tempBlocked; | ||
46 | private readonly System.Timers.Timer _forgetTimer; | ||
47 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
48 | private readonly System.Threading.ReaderWriterLockSlim _lockSlim = new System.Threading.ReaderWriterLockSlim(); | ||
49 | |||
50 | public GenericHTTPDOSProtector(GenericHTTPMethod normalMethod, GenericHTTPMethod throttledMethod, BasicDosProtectorOptions options) | ||
51 | { | ||
52 | _normalMethod = normalMethod; | ||
53 | _throttledMethod = throttledMethod; | ||
54 | _generalRequestTimes = new CircularBuffer<int>(options.MaxRequestsInTimeframe + 1, true); | ||
55 | _generalRequestTimes.Put(0); | ||
56 | _options = options; | ||
57 | _deeperInspection = new Dictionary<string, CircularBuffer<int>>(); | ||
58 | _tempBlocked = new Dictionary<string, int>(); | ||
59 | _forgetTimer = new System.Timers.Timer(); | ||
60 | _forgetTimer.Elapsed += delegate | ||
61 | { | ||
62 | _forgetTimer.Enabled = false; | ||
63 | |||
64 | List<string> removes = new List<string>(); | ||
65 | _lockSlim.EnterReadLock(); | ||
66 | foreach (string str in _tempBlocked.Keys) | ||
67 | { | ||
68 | if ( | ||
69 | Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), | ||
70 | _tempBlocked[str]) > 0) | ||
71 | removes.Add(str); | ||
72 | } | ||
73 | _lockSlim.ExitReadLock(); | ||
74 | lock (_deeperInspection) | ||
75 | { | ||
76 | _lockSlim.EnterWriteLock(); | ||
77 | for (int i = 0; i < removes.Count; i++) | ||
78 | { | ||
79 | _tempBlocked.Remove(removes[i]); | ||
80 | _deeperInspection.Remove(removes[i]); | ||
81 | } | ||
82 | _lockSlim.ExitWriteLock(); | ||
83 | } | ||
84 | foreach (string str in removes) | ||
85 | { | ||
86 | m_log.InfoFormat("[{0}] client: {1} is no longer blocked.", | ||
87 | _options.ReportingName, str); | ||
88 | } | ||
89 | _lockSlim.EnterReadLock(); | ||
90 | if (_tempBlocked.Count > 0) | ||
91 | _forgetTimer.Enabled = true; | ||
92 | _lockSlim.ExitReadLock(); | ||
93 | }; | ||
94 | |||
95 | _forgetTimer.Interval = _options.ForgetTimeSpan.TotalMilliseconds; | ||
96 | } | ||
97 | public Hashtable Process(Hashtable request) | ||
98 | { | ||
99 | if (_options.MaxRequestsInTimeframe < 1) | ||
100 | return _normalMethod(request); | ||
101 | if (_options.RequestTimeSpan.TotalMilliseconds < 1) | ||
102 | return _normalMethod(request); | ||
103 | |||
104 | string clientstring = GetClientString(request); | ||
105 | |||
106 | _lockSlim.EnterReadLock(); | ||
107 | if (_tempBlocked.ContainsKey(clientstring)) | ||
108 | { | ||
109 | _lockSlim.ExitReadLock(); | ||
110 | |||
111 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
112 | return _throttledMethod(request); | ||
113 | else | ||
114 | throw new System.Security.SecurityException("Throttled"); | ||
115 | } | ||
116 | _lockSlim.ExitReadLock(); | ||
117 | |||
118 | _generalRequestTimes.Put(Util.EnvironmentTickCount()); | ||
119 | |||
120 | if (_generalRequestTimes.Size == _generalRequestTimes.Capacity && | ||
121 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _generalRequestTimes.Get()) < | ||
122 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
123 | { | ||
124 | //Trigger deeper inspection | ||
125 | if (DeeperInspection(request)) | ||
126 | return _normalMethod(request); | ||
127 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
128 | return _throttledMethod(request); | ||
129 | else | ||
130 | throw new System.Security.SecurityException("Throttled"); | ||
131 | } | ||
132 | Hashtable resp = null; | ||
133 | try | ||
134 | { | ||
135 | resp = _normalMethod(request); | ||
136 | } | ||
137 | catch (Exception) | ||
138 | { | ||
139 | |||
140 | throw; | ||
141 | } | ||
142 | |||
143 | return resp; | ||
144 | } | ||
145 | private bool DeeperInspection(Hashtable request) | ||
146 | { | ||
147 | lock (_deeperInspection) | ||
148 | { | ||
149 | string clientstring = GetClientString(request); | ||
150 | |||
151 | |||
152 | if (_deeperInspection.ContainsKey(clientstring)) | ||
153 | { | ||
154 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
155 | if (_deeperInspection[clientstring].Size == _deeperInspection[clientstring].Capacity && | ||
156 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _deeperInspection[clientstring].Get()) < | ||
157 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
158 | { | ||
159 | _lockSlim.EnterWriteLock(); | ||
160 | if (!_tempBlocked.ContainsKey(clientstring)) | ||
161 | _tempBlocked.Add(clientstring, Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds); | ||
162 | else | ||
163 | _tempBlocked[clientstring] = Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds; | ||
164 | _lockSlim.ExitWriteLock(); | ||
165 | |||
166 | m_log.WarnFormat("[{0}]: client: {1} is blocked for {2} milliseconds, X-ForwardedForAllowed status is {3}, endpoint:{4}", _options.ReportingName, clientstring, _options.ForgetTimeSpan.TotalMilliseconds, _options.AllowXForwardedFor, GetRemoteAddr(request)); | ||
167 | return false; | ||
168 | } | ||
169 | //else | ||
170 | // return true; | ||
171 | } | ||
172 | else | ||
173 | { | ||
174 | _deeperInspection.Add(clientstring, new CircularBuffer<int>(_options.MaxRequestsInTimeframe + 1, true)); | ||
175 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
176 | _forgetTimer.Enabled = true; | ||
177 | } | ||
178 | |||
179 | } | ||
180 | return true; | ||
181 | } | ||
182 | |||
183 | private string GetRemoteAddr(Hashtable request) | ||
184 | { | ||
185 | string remoteaddr = ""; | ||
186 | if (!request.ContainsKey("headers")) | ||
187 | return remoteaddr; | ||
188 | Hashtable requestinfo = (Hashtable)request["headers"]; | ||
189 | if (!requestinfo.ContainsKey("remote_addr")) | ||
190 | return remoteaddr; | ||
191 | object remote_addrobj = requestinfo["remote_addr"]; | ||
192 | if (remote_addrobj != null) | ||
193 | { | ||
194 | if (!string.IsNullOrEmpty(remote_addrobj.ToString())) | ||
195 | { | ||
196 | remoteaddr = remote_addrobj.ToString(); | ||
197 | } | ||
198 | |||
199 | } | ||
200 | return remoteaddr; | ||
201 | } | ||
202 | |||
203 | private string GetClientString(Hashtable request) | ||
204 | { | ||
205 | string clientstring = ""; | ||
206 | if (!request.ContainsKey("headers")) | ||
207 | return clientstring; | ||
208 | |||
209 | Hashtable requestinfo = (Hashtable)request["headers"]; | ||
210 | if (_options.AllowXForwardedFor && requestinfo.ContainsKey("x-forwarded-for")) | ||
211 | { | ||
212 | object str = requestinfo["x-forwarded-for"]; | ||
213 | if (str != null) | ||
214 | { | ||
215 | if (!string.IsNullOrEmpty(str.ToString())) | ||
216 | { | ||
217 | return str.ToString(); | ||
218 | } | ||
219 | } | ||
220 | } | ||
221 | if (!requestinfo.ContainsKey("remote_addr")) | ||
222 | return clientstring; | ||
223 | |||
224 | object remote_addrobj = requestinfo["remote_addr"]; | ||
225 | if (remote_addrobj != null) | ||
226 | { | ||
227 | if (!string.IsNullOrEmpty(remote_addrobj.ToString())) | ||
228 | { | ||
229 | clientstring = remote_addrobj.ToString(); | ||
230 | } | ||
231 | } | ||
232 | |||
233 | return clientstring; | ||
234 | |||
235 | } | ||
236 | |||
237 | } | ||
238 | } | ||
diff --git a/OpenSim/Framework/Servers/HttpServer/XmlRpcBasicDOSProtector.cs b/OpenSim/Framework/Servers/HttpServer/XmlRpcBasicDOSProtector.cs new file mode 100644 index 0000000..ae59c95 --- /dev/null +++ b/OpenSim/Framework/Servers/HttpServer/XmlRpcBasicDOSProtector.cs | |||
@@ -0,0 +1,211 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Reflection; | ||
31 | using System.Net; | ||
32 | using Nwc.XmlRpc; | ||
33 | using OpenSim.Framework; | ||
34 | using log4net; | ||
35 | |||
36 | namespace OpenSim.Framework.Servers.HttpServer | ||
37 | { | ||
38 | public enum ThrottleAction | ||
39 | { | ||
40 | DoThrottledMethod, | ||
41 | DoThrow | ||
42 | } | ||
43 | |||
44 | public class XmlRpcBasicDOSProtector | ||
45 | { | ||
46 | private readonly XmlRpcMethod _normalMethod; | ||
47 | private readonly XmlRpcMethod _throttledMethod; | ||
48 | private readonly CircularBuffer<int> _generalRequestTimes; // General request checker | ||
49 | private readonly BasicDosProtectorOptions _options; | ||
50 | private readonly Dictionary<string, CircularBuffer<int>> _deeperInspection; // per client request checker | ||
51 | private readonly Dictionary<string, int> _tempBlocked; // blocked list | ||
52 | private readonly System.Timers.Timer _forgetTimer; // Cleanup timer | ||
53 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
54 | private readonly System.Threading.ReaderWriterLockSlim _lockSlim = new System.Threading.ReaderWriterLockSlim(); | ||
55 | |||
56 | public XmlRpcBasicDOSProtector(XmlRpcMethod normalMethod, XmlRpcMethod throttledMethod,BasicDosProtectorOptions options) | ||
57 | { | ||
58 | _normalMethod = normalMethod; | ||
59 | _throttledMethod = throttledMethod; | ||
60 | _generalRequestTimes = new CircularBuffer<int>(options.MaxRequestsInTimeframe + 1,true); | ||
61 | _generalRequestTimes.Put(0); | ||
62 | _options = options; | ||
63 | _deeperInspection = new Dictionary<string, CircularBuffer<int>>(); | ||
64 | _tempBlocked = new Dictionary<string, int>(); | ||
65 | _forgetTimer = new System.Timers.Timer(); | ||
66 | _forgetTimer.Elapsed += delegate | ||
67 | { | ||
68 | _forgetTimer.Enabled = false; | ||
69 | |||
70 | List<string> removes = new List<string>(); | ||
71 | _lockSlim.EnterReadLock(); | ||
72 | foreach (string str in _tempBlocked.Keys) | ||
73 | { | ||
74 | if ( | ||
75 | Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), | ||
76 | _tempBlocked[str]) > 0) | ||
77 | removes.Add(str); | ||
78 | } | ||
79 | _lockSlim.ExitReadLock(); | ||
80 | lock (_deeperInspection) | ||
81 | { | ||
82 | _lockSlim.EnterWriteLock(); | ||
83 | for (int i = 0; i < removes.Count; i++) | ||
84 | { | ||
85 | _tempBlocked.Remove(removes[i]); | ||
86 | _deeperInspection.Remove(removes[i]); | ||
87 | } | ||
88 | _lockSlim.ExitWriteLock(); | ||
89 | } | ||
90 | foreach (string str in removes) | ||
91 | { | ||
92 | m_log.InfoFormat("[{0}] client: {1} is no longer blocked.", | ||
93 | _options.ReportingName, str); | ||
94 | } | ||
95 | _lockSlim.EnterReadLock(); | ||
96 | if (_tempBlocked.Count > 0) | ||
97 | _forgetTimer.Enabled = true; | ||
98 | _lockSlim.ExitReadLock(); | ||
99 | }; | ||
100 | |||
101 | _forgetTimer.Interval = _options.ForgetTimeSpan.TotalMilliseconds; | ||
102 | } | ||
103 | public XmlRpcResponse Process(XmlRpcRequest request, IPEndPoint client) | ||
104 | { | ||
105 | // If these are set like this, this is disabled | ||
106 | if (_options.MaxRequestsInTimeframe < 1 || _options.RequestTimeSpan.TotalMilliseconds < 1) | ||
107 | return _normalMethod(request, client); | ||
108 | |||
109 | string clientstring = GetClientString(request, client); | ||
110 | |||
111 | _lockSlim.EnterReadLock(); | ||
112 | if (_tempBlocked.ContainsKey(clientstring)) | ||
113 | { | ||
114 | _lockSlim.ExitReadLock(); | ||
115 | |||
116 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
117 | return _throttledMethod(request, client); | ||
118 | else | ||
119 | throw new System.Security.SecurityException("Throttled"); | ||
120 | } | ||
121 | _lockSlim.ExitReadLock(); | ||
122 | |||
123 | _generalRequestTimes.Put(Util.EnvironmentTickCount()); | ||
124 | |||
125 | if (_generalRequestTimes.Size == _generalRequestTimes.Capacity && | ||
126 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _generalRequestTimes.Get()) < | ||
127 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
128 | { | ||
129 | //Trigger deeper inspection | ||
130 | if (DeeperInspection(request, client)) | ||
131 | return _normalMethod(request, client); | ||
132 | if (_options.ThrottledAction == ThrottleAction.DoThrottledMethod) | ||
133 | return _throttledMethod(request, client); | ||
134 | else | ||
135 | throw new System.Security.SecurityException("Throttled"); | ||
136 | } | ||
137 | XmlRpcResponse resp = null; | ||
138 | |||
139 | resp = _normalMethod(request, client); | ||
140 | |||
141 | return resp; | ||
142 | } | ||
143 | |||
144 | // If the service is getting more hits per expected timeframe then it starts to separate them out by client | ||
145 | private bool DeeperInspection(XmlRpcRequest request, IPEndPoint client) | ||
146 | { | ||
147 | lock (_deeperInspection) | ||
148 | { | ||
149 | string clientstring = GetClientString(request, client); | ||
150 | |||
151 | |||
152 | if (_deeperInspection.ContainsKey(clientstring)) | ||
153 | { | ||
154 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
155 | if (_deeperInspection[clientstring].Size == _deeperInspection[clientstring].Capacity && | ||
156 | (Util.EnvironmentTickCountSubtract(Util.EnvironmentTickCount(), _deeperInspection[clientstring].Get()) < | ||
157 | _options.RequestTimeSpan.TotalMilliseconds)) | ||
158 | { | ||
159 | //Looks like we're over the limit | ||
160 | _lockSlim.EnterWriteLock(); | ||
161 | if (!_tempBlocked.ContainsKey(clientstring)) | ||
162 | _tempBlocked.Add(clientstring, Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds); | ||
163 | else | ||
164 | _tempBlocked[clientstring] = Util.EnvironmentTickCount() + (int)_options.ForgetTimeSpan.TotalMilliseconds; | ||
165 | _lockSlim.ExitWriteLock(); | ||
166 | |||
167 | m_log.WarnFormat("[{0}]: client: {1} is blocked for {2} milliseconds, X-ForwardedForAllowed status is {3}, endpoint:{4}",_options.ReportingName,clientstring,_options.ForgetTimeSpan.TotalMilliseconds, _options.AllowXForwardedFor, client.Address); | ||
168 | |||
169 | return false; | ||
170 | } | ||
171 | //else | ||
172 | // return true; | ||
173 | } | ||
174 | else | ||
175 | { | ||
176 | _deeperInspection.Add(clientstring, new CircularBuffer<int>(_options.MaxRequestsInTimeframe + 1, true)); | ||
177 | _deeperInspection[clientstring].Put(Util.EnvironmentTickCount()); | ||
178 | _forgetTimer.Enabled = true; | ||
179 | } | ||
180 | |||
181 | } | ||
182 | return true; | ||
183 | } | ||
184 | private string GetClientString(XmlRpcRequest request, IPEndPoint client) | ||
185 | { | ||
186 | string clientstring; | ||
187 | if (_options.AllowXForwardedFor && request.Params.Count > 3) | ||
188 | { | ||
189 | object headerstr = request.Params[3]; | ||
190 | if (headerstr != null && !string.IsNullOrEmpty(headerstr.ToString())) | ||
191 | clientstring = request.Params[3].ToString(); | ||
192 | else | ||
193 | clientstring = client.Address.ToString(); | ||
194 | } | ||
195 | else | ||
196 | clientstring = client.Address.ToString(); | ||
197 | return clientstring; | ||
198 | } | ||
199 | |||
200 | } | ||
201 | |||
202 | public class BasicDosProtectorOptions | ||
203 | { | ||
204 | public int MaxRequestsInTimeframe; | ||
205 | public TimeSpan RequestTimeSpan; | ||
206 | public TimeSpan ForgetTimeSpan; | ||
207 | public bool AllowXForwardedFor; | ||
208 | public string ReportingName = "BASICDOSPROTECTOR"; | ||
209 | public ThrottleAction ThrottledAction = ThrottleAction.DoThrottledMethod; | ||
210 | } | ||
211 | } | ||
diff --git a/OpenSim/Region/CoreModules/Avatar/Friends/FriendsRequestHandler.cs b/OpenSim/Region/CoreModules/Avatar/Friends/FriendsRequestHandler.cs index 2116605..ed4b205 100644 --- a/OpenSim/Region/CoreModules/Avatar/Friends/FriendsRequestHandler.cs +++ b/OpenSim/Region/CoreModules/Avatar/Friends/FriendsRequestHandler.cs | |||
@@ -42,14 +42,22 @@ using log4net; | |||
42 | 42 | ||
43 | namespace OpenSim.Region.CoreModules.Avatar.Friends | 43 | namespace OpenSim.Region.CoreModules.Avatar.Friends |
44 | { | 44 | { |
45 | public class FriendsRequestHandler : BaseStreamHandler | 45 | public class FriendsRequestHandler : BaseStreamHandlerBasicDOSProtector |
46 | { | 46 | { |
47 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 47 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
48 | 48 | ||
49 | private FriendsModule m_FriendsModule; | 49 | private FriendsModule m_FriendsModule; |
50 | 50 | ||
51 | public FriendsRequestHandler(FriendsModule fmodule) | 51 | public FriendsRequestHandler(FriendsModule fmodule) |
52 | : base("POST", "/friends") | 52 | : base("POST", "/friends", new BasicDosProtectorOptions() |
53 | { | ||
54 | AllowXForwardedFor = true, | ||
55 | ForgetTimeSpan = TimeSpan.FromMinutes(2), | ||
56 | MaxRequestsInTimeframe = 5, | ||
57 | ReportingName = "FRIENDSDOSPROTECTOR", | ||
58 | RequestTimeSpan = TimeSpan.FromSeconds(5), | ||
59 | ThrottledAction = ThrottleAction.DoThrottledMethod | ||
60 | }) | ||
53 | { | 61 | { |
54 | m_FriendsModule = fmodule; | 62 | m_FriendsModule = fmodule; |
55 | } | 63 | } |
diff --git a/OpenSim/Region/CoreModules/World/WorldMap/WorldMapModule.cs b/OpenSim/Region/CoreModules/World/WorldMap/WorldMapModule.cs index a26a5f0..0f05e07 100644 --- a/OpenSim/Region/CoreModules/World/WorldMap/WorldMapModule.cs +++ b/OpenSim/Region/CoreModules/World/WorldMap/WorldMapModule.cs | |||
@@ -165,7 +165,16 @@ namespace OpenSim.Region.CoreModules.World.WorldMap | |||
165 | regionimage = regionimage.Replace("-", ""); | 165 | regionimage = regionimage.Replace("-", ""); |
166 | m_log.Info("[WORLD MAP]: JPEG Map location: " + m_scene.RegionInfo.ServerURI + "index.php?method=" + regionimage); | 166 | m_log.Info("[WORLD MAP]: JPEG Map location: " + m_scene.RegionInfo.ServerURI + "index.php?method=" + regionimage); |
167 | 167 | ||
168 | MainServer.Instance.AddHTTPHandler(regionimage, OnHTTPGetMapImage); | 168 | MainServer.Instance.AddHTTPHandler(regionimage, |
169 | new GenericHTTPDOSProtector(OnHTTPGetMapImage, OnHTTPThrottled, new BasicDosProtectorOptions() | ||
170 | { | ||
171 | AllowXForwardedFor = false, | ||
172 | ForgetTimeSpan = TimeSpan.FromMinutes(2), | ||
173 | MaxRequestsInTimeframe = 4, | ||
174 | ReportingName = "MAPDOSPROTECTOR", | ||
175 | RequestTimeSpan = TimeSpan.FromSeconds(10), | ||
176 | ThrottledAction = ThrottleAction.DoThrottledMethod | ||
177 | }).Process); | ||
169 | MainServer.Instance.AddLLSDHandler( | 178 | MainServer.Instance.AddLLSDHandler( |
170 | "/MAP/MapItems/" + m_scene.RegionInfo.RegionHandle.ToString(), HandleRemoteMapItemRequest); | 179 | "/MAP/MapItems/" + m_scene.RegionInfo.RegionHandle.ToString(), HandleRemoteMapItemRequest); |
171 | 180 | ||
@@ -1081,6 +1090,16 @@ namespace OpenSim.Region.CoreModules.World.WorldMap | |||
1081 | block.Y = (ushort)(r.RegionLocY / Constants.RegionSize); | 1090 | block.Y = (ushort)(r.RegionLocY / Constants.RegionSize); |
1082 | } | 1091 | } |
1083 | 1092 | ||
1093 | public Hashtable OnHTTPThrottled(Hashtable keysvals) | ||
1094 | { | ||
1095 | Hashtable reply = new Hashtable(); | ||
1096 | int statuscode = 500; | ||
1097 | reply["str_response_string"] = "I blocked you! HAHAHAHAHAHAHHAHAH"; | ||
1098 | reply["int_response_code"] = statuscode; | ||
1099 | reply["content_type"] = "text/plain"; | ||
1100 | return reply; | ||
1101 | } | ||
1102 | |||
1084 | public Hashtable OnHTTPGetMapImage(Hashtable keysvals) | 1103 | public Hashtable OnHTTPGetMapImage(Hashtable keysvals) |
1085 | { | 1104 | { |
1086 | m_log.Debug("[WORLD MAP]: Sending map image jpeg"); | 1105 | m_log.Debug("[WORLD MAP]: Sending map image jpeg"); |
diff --git a/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs b/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs index 8b23a83..0bd0235 100644 --- a/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs +++ b/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs | |||
@@ -42,14 +42,22 @@ using OpenSim.Framework.Servers.HttpServer; | |||
42 | 42 | ||
43 | namespace OpenSim.Server.Handlers.Asset | 43 | namespace OpenSim.Server.Handlers.Asset |
44 | { | 44 | { |
45 | public class AssetServerGetHandler : BaseStreamHandler | 45 | public class AssetServerGetHandler : BaseStreamHandlerBasicDOSProtector |
46 | { | 46 | { |
47 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 47 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
48 | 48 | ||
49 | private IAssetService m_AssetService; | 49 | private IAssetService m_AssetService; |
50 | 50 | ||
51 | public AssetServerGetHandler(IAssetService service) : | 51 | public AssetServerGetHandler(IAssetService service) : |
52 | base("GET", "/assets") | 52 | base("GET", "/assets",new BasicDosProtectorOptions() |
53 | { | ||
54 | AllowXForwardedFor = true, | ||
55 | ForgetTimeSpan = TimeSpan.FromSeconds(2), | ||
56 | MaxRequestsInTimeframe = 5, | ||
57 | ReportingName = "ASSETGETDOSPROTECTOR", | ||
58 | RequestTimeSpan = TimeSpan.FromSeconds(5), | ||
59 | ThrottledAction = ThrottleAction.DoThrottledMethod | ||
60 | }) | ||
53 | { | 61 | { |
54 | m_AssetService = service; | 62 | m_AssetService = service; |
55 | } | 63 | } |
diff --git a/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs b/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs index e4a0ffa..f2a5678 100644 --- a/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs +++ b/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs | |||
@@ -145,6 +145,17 @@ namespace OpenSim.Server.Handlers.Login | |||
145 | return FailedXMLRPCResponse(); | 145 | return FailedXMLRPCResponse(); |
146 | 146 | ||
147 | } | 147 | } |
148 | public XmlRpcResponse HandleXMLRPCLoginBlocked(XmlRpcRequest request, IPEndPoint client) | ||
149 | { | ||
150 | XmlRpcResponse response = new XmlRpcResponse(); | ||
151 | Hashtable resp = new Hashtable(); | ||
152 | |||
153 | resp["reason"] = "presence"; | ||
154 | resp["message"] = "Logins are currently restricted. Please try again later."; | ||
155 | resp["login"] = "false"; | ||
156 | response.Value = resp; | ||
157 | return response; | ||
158 | } | ||
148 | 159 | ||
149 | public XmlRpcResponse HandleXMLRPCSetLoginLevel(XmlRpcRequest request, IPEndPoint remoteClient) | 160 | public XmlRpcResponse HandleXMLRPCSetLoginLevel(XmlRpcRequest request, IPEndPoint remoteClient) |
150 | { | 161 | { |
diff --git a/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs b/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs index 97e8295..f60e892 100644 --- a/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs +++ b/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs | |||
@@ -44,6 +44,7 @@ namespace OpenSim.Server.Handlers.Login | |||
44 | 44 | ||
45 | private ILoginService m_LoginService; | 45 | private ILoginService m_LoginService; |
46 | private bool m_Proxy; | 46 | private bool m_Proxy; |
47 | private BasicDosProtectorOptions m_DosProtectionOptions; | ||
47 | 48 | ||
48 | public LLLoginServiceInConnector(IConfigSource config, IHttpServer server, IScene scene) : | 49 | public LLLoginServiceInConnector(IConfigSource config, IHttpServer server, IScene scene) : |
49 | base(config, server, String.Empty) | 50 | base(config, server, String.Empty) |
@@ -88,6 +89,16 @@ namespace OpenSim.Server.Handlers.Login | |||
88 | throw new Exception(String.Format("No LocalServiceModule for LoginService in config file")); | 89 | throw new Exception(String.Format("No LocalServiceModule for LoginService in config file")); |
89 | 90 | ||
90 | m_Proxy = serverConfig.GetBoolean("HasProxy", false); | 91 | m_Proxy = serverConfig.GetBoolean("HasProxy", false); |
92 | m_DosProtectionOptions = new BasicDosProtectorOptions(); | ||
93 | // Dos Protection Options | ||
94 | m_DosProtectionOptions.AllowXForwardedFor = serverConfig.GetBoolean("DOSAllowXForwardedForHeader", false); | ||
95 | m_DosProtectionOptions.RequestTimeSpan = | ||
96 | TimeSpan.FromMilliseconds(serverConfig.GetInt("DOSRequestTimeFrameMS", 10000)); | ||
97 | m_DosProtectionOptions.MaxRequestsInTimeframe = serverConfig.GetInt("DOSMaxRequestsInTimeFrame", 5); | ||
98 | m_DosProtectionOptions.ForgetTimeSpan = | ||
99 | TimeSpan.FromMilliseconds(serverConfig.GetInt("DOSForgiveClientAfterMS", 120000)); | ||
100 | m_DosProtectionOptions.ReportingName = "LOGINDOSPROTECTION"; | ||
101 | |||
91 | 102 | ||
92 | return loginService; | 103 | return loginService; |
93 | } | 104 | } |
@@ -95,7 +106,9 @@ namespace OpenSim.Server.Handlers.Login | |||
95 | private void InitializeHandlers(IHttpServer server) | 106 | private void InitializeHandlers(IHttpServer server) |
96 | { | 107 | { |
97 | LLLoginHandlers loginHandlers = new LLLoginHandlers(m_LoginService, m_Proxy); | 108 | LLLoginHandlers loginHandlers = new LLLoginHandlers(m_LoginService, m_Proxy); |
98 | server.AddXmlRPCHandler("login_to_simulator", loginHandlers.HandleXMLRPCLogin, false); | 109 | server.AddXmlRPCHandler("login_to_simulator", |
110 | new XmlRpcBasicDOSProtector(loginHandlers.HandleXMLRPCLogin,loginHandlers.HandleXMLRPCLoginBlocked, | ||
111 | m_DosProtectionOptions).Process, false); | ||
99 | server.AddXmlRPCHandler("set_login_level", loginHandlers.HandleXMLRPCSetLoginLevel, false); | 112 | server.AddXmlRPCHandler("set_login_level", loginHandlers.HandleXMLRPCSetLoginLevel, false); |
100 | server.SetDefaultLLSDHandler(loginHandlers.HandleLLSDLogin); | 113 | server.SetDefaultLLSDHandler(loginHandlers.HandleLLSDLogin); |
101 | server.AddWebSocketHandler("/WebSocket/GridLogin", loginHandlers.HandleWebSocketLoginEvents); | 114 | server.AddWebSocketHandler("/WebSocket/GridLogin", loginHandlers.HandleWebSocketLoginEvents); |
diff --git a/ThirdPartyLicenses/CircularBuffer.txt b/ThirdPartyLicenses/CircularBuffer.txt new file mode 100644 index 0000000..09c37d9 --- /dev/null +++ b/ThirdPartyLicenses/CircularBuffer.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Copyright (c) 2012, Alex Regueiro | ||
2 | All rights reserved. | ||
3 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the | ||
4 | following conditions are met: | ||
5 | |||
6 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. | ||
7 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer | ||
8 | in the documentation and/or other materials provided with the distribution. | ||
9 | |||
10 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, | ||
11 | BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
12 | IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, | ||
13 | OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, | ||
14 | OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | ||
15 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | ||
16 | POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file | ||
diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index de6fc28..74c208d 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example | |||
@@ -356,6 +356,25 @@ MapGetServiceConnector = "8002/OpenSim.Server.Handlers.dll:MapGetServiceConnecto | |||
356 | ;; 'America/Los_Angeles' is used on Linux/Mac systems whilst 'Pacific Standard Time' is used on Windows | 356 | ;; 'America/Los_Angeles' is used on Linux/Mac systems whilst 'Pacific Standard Time' is used on Windows |
357 | DSTZone = "America/Los_Angeles;Pacific Standard Time" | 357 | DSTZone = "America/Los_Angeles;Pacific Standard Time" |
358 | 358 | ||
359 | ;Basic Login Service Dos Protection Tweaks | ||
360 | ;; | ||
361 | ;; Some Grids/Users use a transparent proxy that makes use of the X-Forwarded-For HTTP Header, If you do, set this to true | ||
362 | ;; If you set this to true and you don't have a transparent proxy, it may allow attackers to put random things in the X-Forwarded-For header to | ||
363 | ;; get around this basic DOS protection. | ||
364 | ;DOSAllowXForwardedForHeader = false | ||
365 | ;; | ||
366 | ;; The protector adds up requests during this rolling period of time, default 10 seconds | ||
367 | ;DOSRequestTimeFrameMS = 10000 | ||
368 | ;; | ||
369 | ;; The amount of requests in the above timeframe from the same endpoint that triggers protection | ||
370 | ;DOSMaxRequestsInTimeFrame = 5 | ||
371 | ;; | ||
372 | ;; The amount of time that a specific endpoint is blocked. Default 2 minutes. | ||
373 | ;DOSForgiveClientAfterMS = 120000 | ||
374 | ;; | ||
375 | ;; To turn off basic dos protection, set the DOSMaxRequestsInTimeFrame to 0. | ||
376 | |||
377 | |||
359 | [MapImageService] | 378 | [MapImageService] |
360 | LocalServiceModule = "OpenSim.Services.MapImageService.dll:MapImageService" | 379 | LocalServiceModule = "OpenSim.Services.MapImageService.dll:MapImageService" |
361 | ; Set this if you want to change the default | 380 | ; Set this if you want to change the default |
diff --git a/bin/config-include/StandaloneCommon.ini.example b/bin/config-include/StandaloneCommon.ini.example index 12c5b95..75fd956 100644 --- a/bin/config-include/StandaloneCommon.ini.example +++ b/bin/config-include/StandaloneCommon.ini.example | |||
@@ -117,7 +117,7 @@ | |||
117 | SRV_AssetServerURI = "http://127.0.0.1:9000" | 117 | SRV_AssetServerURI = "http://127.0.0.1:9000" |
118 | SRV_ProfileServerURI = "http://127.0.0.1:9000" | 118 | SRV_ProfileServerURI = "http://127.0.0.1:9000" |
119 | SRV_FriendsServerURI = "http://127.0.0.1:9000" | 119 | SRV_FriendsServerURI = "http://127.0.0.1:9000" |
120 | SRV_IMServerURI = "http://127.0.0.1:9000" | 120 | SRV_IMServerURI = "http://127.0.0.1:9000 |
121 | 121 | ||
122 | ;; For Viewer 2 | 122 | ;; For Viewer 2 |
123 | MapTileURL = "http://127.0.0.1:9000/" | 123 | MapTileURL = "http://127.0.0.1:9000/" |
@@ -150,6 +150,23 @@ | |||
150 | ;AllowedClients = "" | 150 | ;AllowedClients = "" |
151 | ;DeniedClients = "" | 151 | ;DeniedClients = "" |
152 | 152 | ||
153 | ; Basic Login Service Dos Protection Tweaks | ||
154 | ; ; | ||
155 | ; ; Some Grids/Users use a transparent proxy that makes use of the X-Forwarded-For HTTP Header, If you do, set this to true | ||
156 | ; ; If you set this to true and you don't have a transparent proxy, it may allow attackers to put random things in the X-Forwarded-For header to | ||
157 | ; ; get around this basic DOS protection. | ||
158 | ; DOSAllowXForwardedForHeader = false | ||
159 | ; ; | ||
160 | ; ; The protector adds up requests during this rolling period of time, default 10 seconds | ||
161 | ; DOSRequestTimeFrameMS = 10000 | ||
162 | ; ; | ||
163 | ; ; The amount of requests in the above timeframe from the same endpoint that triggers protection | ||
164 | ; DOSMaxRequestsInTimeFrame = 5 | ||
165 | ; ; | ||
166 | ; ; The amount of time that a specific endpoint is blocked. Default 2 minutes. | ||
167 | ; DOSForgiveClientAfterMS = 120000 | ||
168 | ; ; | ||
169 | ; ; To turn off basic dos protection, set the DOSMaxRequestsInTimeFrame to 0. | ||
153 | 170 | ||
154 | [FreeswitchService] | 171 | [FreeswitchService] |
155 | ;; If FreeSWITCH is not being used then you don't need to set any of these parameters | 172 | ;; If FreeSWITCH is not being used then you don't need to set any of these parameters |