diff options
author | Greg Wilkins | 2015-04-29 05:18:48 +0000 |
---|---|---|
committer | Greg Wilkins | 2015-04-29 05:18:48 +0000 |
commit | 2c65b66f9c24f2cad43dd8d65729921be6767246 (patch) | |
tree | 4f396cfc84437ba610cbe2dfcc7589c77ac078ec /jetty-servlets | |
parent | d5c95a1302230ba8e20d1fd56dc99b7a3302a256 (diff) | |
download | org.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.tar.gz org.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.tar.xz org.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.zip |
465734 DosFilter whitelist bit pattern fix
Diffstat (limited to 'jetty-servlets')
-rw-r--r-- | jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java | 16 | ||||
-rw-r--r-- | jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java | 21 |
2 files changed, 27 insertions, 10 deletions
diff --git a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java index 43ce257f0f..ad758b18bf 100644 --- a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java +++ b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java @@ -723,6 +723,10 @@ public class DoSFilter implements Filter prefix -= 8; ++index; } + + if (index == result.length) + return result; + // Sets the _prefix_ most significant bits to 1 result[index] = (byte)~((1 << (8 - prefix)) - 1); return result; @@ -1038,6 +1042,18 @@ public class DoSFilter implements Filter _whitelist.addAll(result); LOG.debug("Whitelisted IP addresses: {}", result); } + + /** + * Set a list of IP addresses that will not be rate limited. + * + * @param values whitelist + */ + public void setWhitelist(List<String> values) + { + clearWhitelist(); + _whitelist.addAll(values); + LOG.debug("Whitelisted IP addresses: {}", values); + } /** * Clears the list of whitelisted IP addresses diff --git a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java index b55e26905d..93177e9025 100644 --- a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java +++ b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java @@ -78,19 +78,20 @@ public class DoSFilterTest extends AbstractDoSFilterTest { DoSFilter filter = new DoSFilter(); List<String> whitelist = new ArrayList<String>(); - whitelist.add("192.168.0.1"); + whitelist.add("192.168.0.1/32"); whitelist.add("10.0.0.0/8"); whitelist.add("4d8:0:a:1234:ABc:1F:b18:17"); whitelist.add("4d8:0:a:1234:ABc:1F:0:0/96"); - Assert.assertTrue(filter.checkWhitelist(whitelist, "192.168.0.1")); - Assert.assertFalse(filter.checkWhitelist(whitelist, "192.168.0.2")); - Assert.assertFalse(filter.checkWhitelist(whitelist, "11.12.13.14")); - Assert.assertTrue(filter.checkWhitelist(whitelist, "10.11.12.13")); - Assert.assertTrue(filter.checkWhitelist(whitelist, "10.0.0.0")); - Assert.assertFalse(filter.checkWhitelist(whitelist, "0.0.0.0")); - Assert.assertTrue(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1F:b18:17")); - Assert.assertTrue(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1F:b18:0")); - Assert.assertFalse(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1D:0:0")); + filter.setWhitelist(whitelist); + Assert.assertTrue(filter.checkWhitelist("192.168.0.1")); + Assert.assertFalse(filter.checkWhitelist("192.168.0.2")); + Assert.assertFalse(filter.checkWhitelist("11.12.13.14")); + Assert.assertTrue(filter.checkWhitelist("10.11.12.13")); + Assert.assertTrue(filter.checkWhitelist("10.0.0.0")); + Assert.assertFalse(filter.checkWhitelist("0.0.0.0")); + Assert.assertTrue(filter.checkWhitelist("4d8:0:a:1234:ABc:1F:b18:17")); + Assert.assertTrue(filter.checkWhitelist("4d8:0:a:1234:ABc:1F:b18:0")); + Assert.assertFalse(filter.checkWhitelist("4d8:0:a:1234:ABc:1D:0:0")); } private boolean hitRateTracker(DoSFilter doSFilter, int sleep) throws InterruptedException |