powered by Jive Software

*PATCH* Flash Cross-Domain Options

We recently ran into a problem where a rogue client connected on port 5229 and got stuck in a weird state that caused it to suck up 100% CPU for an extended period of time. Since we no longer use port 5229 for handling Flash crossdomain files, it would be nice to be able to turn this port off.

This is a patch that adds some new properties “flash.crossdomain.enabled” (defaults to true) and “flash.crossdomain.port” (defaults to 5229) which allow you to configure or disable this port beyond the previous hard-coded options.

The modification takes place at the stop of the function FlashCrossdomainHandler.startServer():

private void startServer() throws Exception {
        if(!JiveGlobals.getBooleanProperty("flash.crossdomain.enabled",true)){
            Log.debug("Flash cross domain listener is disabled");
            return;
        }
                int port = JiveGlobals.getIntProperty("flash.crossdomain.port",5229);
        try {
            // Listen on a specific network interface if it has been set.
            String interfaceName = JiveGlobals.getXMLProperty("network.interface");
            InetAddress bindInterface = null;
            if (interfaceName != null) {
                if (interfaceName.trim().length() > 0) {
                    bindInterface = InetAddress.getByName(interfaceName);
                }
            }
            serverSocket = new ServerSocket(port, -1, bindInterface);
            Log.debug("Flash cross domain is listening on " + interfaceName + " on port " + port);
        }
        catch (IOException e) {
            Log.error("Could not listen on port: " + port, e);
            return;
        }

Here is a pastie link to the diff, which I will also attach:

http://pastie.org/private/itdwvxbgwabqnlw5ralqq

It would be very nice if this could be reviewed/rolled into the source tree at some point. I realize we can also disallow access to 5229 by using a firewall, but it is nice to be able to configure the software as well.

OF-21 , committed to trunk, thanks!