Limit max handshake size (#12678)
This commit is contained in:
Brennan
John Luo
parent
e0e9096af5
commit
ad533b76fb
|
|
@ -144,6 +144,7 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
public HubConnectionContextOptions() { }
|
||||
public System.TimeSpan ClientTimeoutInterval { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute]set { } }
|
||||
public System.TimeSpan KeepAliveInterval { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute]set { } }
|
||||
public long? MaximumReceiveMessageSize { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute]set { } }
|
||||
public int StreamBufferCapacity { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute]set { } }
|
||||
}
|
||||
public partial class HubConnectionHandler<THub> : Microsoft.AspNetCore.Connections.ConnectionHandler where THub : Microsoft.AspNetCore.SignalR.Hub
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
private bool _clientTimeoutActive;
|
||||
private bool _connectionAborted;
|
||||
private int _streamBufferCapacity;
|
||||
private long? _maxMessageSize;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="HubConnectionContext"/> class.
|
||||
|
|
@ -55,6 +56,7 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
_keepAliveInterval = contextOptions.KeepAliveInterval.Ticks;
|
||||
_clientTimeoutInterval = contextOptions.ClientTimeoutInterval.Ticks;
|
||||
_streamBufferCapacity = contextOptions.StreamBufferCapacity;
|
||||
_maxMessageSize = contextOptions.MaximumReceiveMessageSize;
|
||||
|
||||
_connectionContext = connectionContext;
|
||||
_logger = loggerFactory.CreateLogger<HubConnectionContext>();
|
||||
|
|
@ -406,10 +408,20 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
|
||||
if (!buffer.IsEmpty)
|
||||
{
|
||||
if (HandshakeProtocol.TryParseRequestMessage(ref buffer, out var handshakeRequestMessage))
|
||||
var segment = buffer;
|
||||
var overLength = false;
|
||||
|
||||
if (_maxMessageSize != null && buffer.Length > _maxMessageSize.Value)
|
||||
{
|
||||
// We give the parser a sliding window of the default message size
|
||||
segment = segment.Slice(segment.Start, _maxMessageSize.Value);
|
||||
overLength = true;
|
||||
}
|
||||
|
||||
if (HandshakeProtocol.TryParseRequestMessage(ref segment, out var handshakeRequestMessage))
|
||||
{
|
||||
// We parsed the handshake
|
||||
consumed = buffer.Start;
|
||||
consumed = segment.Start;
|
||||
examined = consumed;
|
||||
|
||||
Protocol = protocolResolver.GetProtocol(handshakeRequestMessage.Protocol, supportedProtocols);
|
||||
|
|
@ -461,6 +473,12 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
await WriteHandshakeResponseAsync(HandshakeResponseMessage.Empty);
|
||||
return true;
|
||||
}
|
||||
else if (overLength)
|
||||
{
|
||||
Log.HandshakeSizeLimitExceeded(_logger, _maxMessageSize.Value);
|
||||
await WriteHandshakeResponseAsync(new HandshakeResponseMessage("Handshake was canceled."));
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (result.IsCompleted)
|
||||
|
|
@ -619,6 +637,9 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
private static readonly Action<ILogger, int, Exception> _clientTimeout =
|
||||
LoggerMessage.Define<int>(LogLevel.Debug, new EventId(9, "ClientTimeout"), "Client timeout ({ClientTimeout}ms) elapsed without receiving a message from the client. Closing connection.");
|
||||
|
||||
private static readonly Action<ILogger, long, Exception> _handshakeSizeLimitExceeded =
|
||||
LoggerMessage.Define<long>(LogLevel.Debug, new EventId(10, "HandshakeSizeLimitExceeded"), "The maximum message size of {MaxMessageSize}B was exceeded while parsing the Handshake. The message size can be configured in AddHubOptions.");
|
||||
|
||||
public static void HandshakeComplete(ILogger logger, string hubProtocol)
|
||||
{
|
||||
_handshakeComplete(logger, hubProtocol, null);
|
||||
|
|
@ -663,6 +684,11 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
{
|
||||
_clientTimeout(logger, (int)timeout.TotalMilliseconds, null);
|
||||
}
|
||||
|
||||
public static void HandshakeSizeLimitExceeded(ILogger logger, long maxMessageSize)
|
||||
{
|
||||
_handshakeSizeLimitExceeded(logger, maxMessageSize, null);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,5 +24,10 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
/// Gets or sets the max buffer size for client upload streams.
|
||||
/// </summary>
|
||||
public int StreamBufferCapacity { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the maximum message size the client can send.
|
||||
/// </summary>
|
||||
public long? MaximumReceiveMessageSize { get; set; }
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -89,6 +89,7 @@ namespace Microsoft.AspNetCore.SignalR
|
|||
KeepAliveInterval = _hubOptions.KeepAliveInterval ?? _globalHubOptions.KeepAliveInterval ?? HubOptionsSetup.DefaultKeepAliveInterval,
|
||||
ClientTimeoutInterval = _hubOptions.ClientTimeoutInterval ?? _globalHubOptions.ClientTimeoutInterval ?? HubOptionsSetup.DefaultClientTimeoutInterval,
|
||||
StreamBufferCapacity = _hubOptions.StreamBufferCapacity ?? _globalHubOptions.StreamBufferCapacity ?? HubOptionsSetup.DefaultStreamBufferCapacity,
|
||||
MaximumReceiveMessageSize = _maximumMessageSize,
|
||||
};
|
||||
|
||||
Log.ConnectedStarting(_logger);
|
||||
|
|
|
|||
|
|
@ -310,6 +310,40 @@ namespace Microsoft.AspNetCore.SignalR.Tests
|
|||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task ConnectionClosedWhenHandshakeLargerThanMaxMessageSize()
|
||||
{
|
||||
using (StartVerifiableLog())
|
||||
{
|
||||
var connectionHandler = HubConnectionHandlerTestUtils.GetHubConnectionHandler(typeof(HubT), loggerFactory: LoggerFactory,
|
||||
builder =>
|
||||
{
|
||||
builder.AddSignalR(o =>
|
||||
{
|
||||
o.MaximumReceiveMessageSize = 1;
|
||||
});
|
||||
});
|
||||
|
||||
using (var client = new TestClient())
|
||||
{
|
||||
client.SupportedFormats = TransferFormat.Text;
|
||||
|
||||
var connectionHandlerTask = await client.ConnectAsync(connectionHandler,
|
||||
sendHandshakeRequestMessage: true,
|
||||
expectedHandshakeResponseMessage: false);
|
||||
|
||||
var message = await client.ReadAsync(isHandshake: true).OrTimeout();
|
||||
|
||||
Assert.Equal("Handshake was canceled.", ((HandshakeResponseMessage)message).Error);
|
||||
|
||||
// Connection closes
|
||||
await connectionHandlerTask.OrTimeout();
|
||||
|
||||
client.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task SendingHandshakeRequestInChunksWorks()
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in New Issue