Chromium Code Reviews Chromium Code Reviews
Issue 205583011:
[Draft] Fix canceling pin prompt causes host overload (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/host/chromoting_host.h" | 5 #include "remoting/host/chromoting_host.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 164 DisconnectAllClients(); | 164 DisconnectAllClients(); |
| 165 } | 165 } |
| 166 | 166 |
| 167 void ChromotingHost::SetMaximumSessionDuration( | 167 void ChromotingHost::SetMaximumSessionDuration( |
| 168 const base::TimeDelta& max_session_duration) { | 168 const base::TimeDelta& max_session_duration) { |
| 169 max_session_duration_ = max_session_duration; | 169 max_session_duration_ = max_session_duration; |
| 170 } | 170 } |
| 171 | 171 |
| 172 //////////////////////////////////////////////////////////////////////////// | 172 //////////////////////////////////////////////////////////////////////////// |
| 173 // protocol::ClientSession::EventHandler implementation. | 173 // protocol::ClientSession::EventHandler implementation. |
| 174 void ChromotingHost::OnSessionAuthenticating(ClientSession* client) { | |
| 175 // We treat each incoming connection as a failure to authenticate, | |
| 176 // and clear the backoff when a connection successfully | |
| 177 // authenticates. This allows the backoff to protect from parallel | |
| 178 // connection attempts as well as sequential ones. | |
| 179 if (login_backoff_.ShouldRejectRequest()) { | |
| 180 client->DisconnectSession(); | |
|
Sergey Ulanov
2014/03/27 19:06:55
return here. We don't want to increment backoff on
kelvinp
2014/04/01 21:23:49
Done.
| |
| 181 } | |
| 182 login_backoff_.InformOfRequest(false); | |
| 183 } | |
| 184 | |
| 174 bool ChromotingHost::OnSessionAuthenticated(ClientSession* client) { | 185 bool ChromotingHost::OnSessionAuthenticated(ClientSession* client) { |
| 175 DCHECK(CalledOnValidThread()); | 186 DCHECK(CalledOnValidThread()); |
| 176 | 187 |
| 177 login_backoff_.Reset(); | 188 login_backoff_.Reset(); |
| 178 | 189 |
| 179 // Disconnect all other clients. |it| should be advanced before Disconnect() | 190 // Disconnect all other clients. |it| should be advanced before Disconnect() |
| 180 // is called to avoid it becoming invalid when the client is removed from | 191 // is called to avoid it becoming invalid when the client is removed from |
| 181 // the list. | 192 // the list. |
| 182 ClientList::iterator it = clients_.begin(); | 193 ClientList::iterator it = clients_.begin(); |
| 183 while (it != clients_.end()) { | 194 while (it != clients_.end()) { |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 258 protocol::Session* session, | 269 protocol::Session* session, |
| 259 protocol::SessionManager::IncomingSessionResponse* response) { | 270 protocol::SessionManager::IncomingSessionResponse* response) { |
| 260 DCHECK(CalledOnValidThread()); | 271 DCHECK(CalledOnValidThread()); |
| 261 | 272 |
| 262 if (!started_) { | 273 if (!started_) { |
| 263 *response = protocol::SessionManager::DECLINE; | 274 *response = protocol::SessionManager::DECLINE; |
| 264 return; | 275 return; |
| 265 } | 276 } |
| 266 | 277 |
| 267 if (login_backoff_.ShouldRejectRequest()) { | 278 if (login_backoff_.ShouldRejectRequest()) { |
| 279 LOG(WARNING) << "Rejecting connection due to" | |
| 280 " an overload of failed login attempts."; | |
| 268 *response = protocol::SessionManager::OVERLOAD; | 281 *response = protocol::SessionManager::OVERLOAD; |
| 269 return; | 282 return; |
| 270 } | 283 } |
| 271 | 284 |
| 272 // We treat each incoming connection as a failure to authenticate, | |
| 273 // and clear the backoff when a connection successfully | |
| 274 // authenticates. This allows the backoff to protect from parallel | |
| 275 // connection attempts as well as sequential ones. | |
| 276 login_backoff_.InformOfRequest(false); | |
| 277 | |
| 278 protocol::SessionConfig config; | 285 protocol::SessionConfig config; |
| 279 if (!protocol_config_->Select(session->candidate_config(), &config)) { | 286 if (!protocol_config_->Select(session->candidate_config(), &config)) { |
| 280 LOG(WARNING) << "Rejecting connection from " << session->jid() | 287 LOG(WARNING) << "Rejecting connection from " << session->jid() |
| 281 << " because no compatible configuration has been found."; | 288 << " because no compatible configuration has been found."; |
| 282 *response = protocol::SessionManager::INCOMPATIBLE; | 289 *response = protocol::SessionManager::INCOMPATIBLE; |
| 283 return; | 290 return; |
| 284 } | 291 } |
| 285 | 292 |
| 286 session->set_config(config); | 293 session->set_config(config); |
| 287 | 294 |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 319 DCHECK(CalledOnValidThread()); | 326 DCHECK(CalledOnValidThread()); |
| 320 | 327 |
| 321 while (!clients_.empty()) { | 328 while (!clients_.empty()) { |
| 322 size_t size = clients_.size(); | 329 size_t size = clients_.size(); |
| 323 clients_.front()->DisconnectSession(); | 330 clients_.front()->DisconnectSession(); |
| 324 CHECK_EQ(clients_.size(), size - 1); | 331 CHECK_EQ(clients_.size(), size - 1); |
| 325 } | 332 } |
| 326 } | 333 } |
| 327 | 334 |
| 328 } // namespace remoting | 335 } // namespace remoting |
| OLD | NEW |
