diff options
| author | Joakim Erdfelt | 2012-07-13 13:46:01 +0000 |
|---|---|---|
| committer | Joakim Erdfelt | 2012-07-13 13:46:01 +0000 |
| commit | c7825731a77810f8a3b24ddffee9ffe5962df5a8 (patch) | |
| tree | 47a394f367fa5cda2c8be7fa6e8d6ca6dbe1e384 | |
| parent | c50e547152f7d47ac411dc7dc8c13ced334e0a82 (diff) | |
| download | org.eclipse.jetty.project-c7825731a77810f8a3b24ddffee9ffe5962df5a8.tar.gz org.eclipse.jetty.project-c7825731a77810f8a3b24ddffee9ffe5962df5a8.tar.xz org.eclipse.jetty.project-c7825731a77810f8a3b24ddffee9ffe5962df5a8.zip | |
Making DNS Hijacking more evident
| -rw-r--r-- | jetty-server/src/test/java/org/eclipse/jetty/server/handler/ConnectHandlerTest.java | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ConnectHandlerTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ConnectHandlerTest.java index 722584758a..8a5ac5b5d2 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ConnectHandlerTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ConnectHandlerTest.java @@ -12,15 +12,21 @@ package org.eclipse.jetty.server.handler; //You may elect to redistribute this code under either of these licenses. //======================================================================== +import static org.junit.Assert.*; +import static org.junit.Assume.*; + import java.io.BufferedReader; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; +import java.net.InetAddress; import java.net.Socket; +import java.net.UnknownHostException; import java.nio.channels.SocketChannel; import java.util.concurrent.ConcurrentMap; + import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; @@ -31,13 +37,10 @@ import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.nio.SelectChannelConnector; import org.eclipse.jetty.toolchain.test.OS; -import org.eclipse.jetty.util.log.Log; +import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; -import static org.junit.Assert.assertEquals; -import static org.junit.Assume.assumeTrue; - /** * @version $Revision$ $Date$ */ @@ -120,7 +123,25 @@ public class ConnectHandlerTest extends AbstractConnectHandlerTest @Test public void testCONNECTBadHostPort() throws Exception { - String hostPort = "badlocalhost:" + serverConnector.getLocalPort(); + String invalidHostname = "AMAZEBALLS_BADHOST.webtide.com"; + + try + { + InetAddress addr = InetAddress.getByName(invalidHostname); + StringBuilder err = new StringBuilder(); + err.append("DNS Hijacking detected: "); + err.append(invalidHostname).append(" should have not returned a valid IP address ["); + err.append(addr.getHostAddress()).append("]. "); + err.append("Fix your DNS provider to have this test pass."); + err.append("\nFor more info see https://en.wikipedia.org/wiki/DNS_hijacking"); + Assert.assertNull(err.toString(), addr); + } + catch (UnknownHostException e) + { + // expected path + } + + String hostPort = String.format("%s:%d",invalidHostname,serverConnector.getLocalPort()); String request = "" + "CONNECT " + hostPort + " HTTP/1.1\r\n" + "Host: " + hostPort + "\r\n" + @@ -137,7 +158,7 @@ public class ConnectHandlerTest extends AbstractConnectHandlerTest // Expect 500 OK from the CONNECT request Response response = readResponse(input); - assertEquals("500", response.getCode()); + assertEquals("Response Code", "500", response.getCode()); } finally { |