Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Wilkins2015-04-29 05:18:48 +0000
committerGreg Wilkins2015-04-29 05:18:48 +0000
commit2c65b66f9c24f2cad43dd8d65729921be6767246 (patch)
tree4f396cfc84437ba610cbe2dfcc7589c77ac078ec /jetty-servlets
parentd5c95a1302230ba8e20d1fd56dc99b7a3302a256 (diff)
downloadorg.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.tar.gz
org.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.tar.xz
org.eclipse.jetty.project-2c65b66f9c24f2cad43dd8d65729921be6767246.zip
465734 DosFilter whitelist bit pattern fix
Diffstat (limited to 'jetty-servlets')
-rw-r--r--jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java16
-rw-r--r--jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java21
2 files changed, 27 insertions, 10 deletions
diff --git a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java
index 43ce257f0f..ad758b18bf 100644
--- a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java
+++ b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java
@@ -723,6 +723,10 @@ public class DoSFilter implements Filter
prefix -= 8;
++index;
}
+
+ if (index == result.length)
+ return result;
+
// Sets the _prefix_ most significant bits to 1
result[index] = (byte)~((1 << (8 - prefix)) - 1);
return result;
@@ -1038,6 +1042,18 @@ public class DoSFilter implements Filter
_whitelist.addAll(result);
LOG.debug("Whitelisted IP addresses: {}", result);
}
+
+ /**
+ * Set a list of IP addresses that will not be rate limited.
+ *
+ * @param values whitelist
+ */
+ public void setWhitelist(List<String> values)
+ {
+ clearWhitelist();
+ _whitelist.addAll(values);
+ LOG.debug("Whitelisted IP addresses: {}", values);
+ }
/**
* Clears the list of whitelisted IP addresses
diff --git a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java
index b55e26905d..93177e9025 100644
--- a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java
+++ b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java
@@ -78,19 +78,20 @@ public class DoSFilterTest extends AbstractDoSFilterTest
{
DoSFilter filter = new DoSFilter();
List<String> whitelist = new ArrayList<String>();
- whitelist.add("192.168.0.1");
+ whitelist.add("192.168.0.1/32");
whitelist.add("10.0.0.0/8");
whitelist.add("4d8:0:a:1234:ABc:1F:b18:17");
whitelist.add("4d8:0:a:1234:ABc:1F:0:0/96");
- Assert.assertTrue(filter.checkWhitelist(whitelist, "192.168.0.1"));
- Assert.assertFalse(filter.checkWhitelist(whitelist, "192.168.0.2"));
- Assert.assertFalse(filter.checkWhitelist(whitelist, "11.12.13.14"));
- Assert.assertTrue(filter.checkWhitelist(whitelist, "10.11.12.13"));
- Assert.assertTrue(filter.checkWhitelist(whitelist, "10.0.0.0"));
- Assert.assertFalse(filter.checkWhitelist(whitelist, "0.0.0.0"));
- Assert.assertTrue(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1F:b18:17"));
- Assert.assertTrue(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1F:b18:0"));
- Assert.assertFalse(filter.checkWhitelist(whitelist, "4d8:0:a:1234:ABc:1D:0:0"));
+ filter.setWhitelist(whitelist);
+ Assert.assertTrue(filter.checkWhitelist("192.168.0.1"));
+ Assert.assertFalse(filter.checkWhitelist("192.168.0.2"));
+ Assert.assertFalse(filter.checkWhitelist("11.12.13.14"));
+ Assert.assertTrue(filter.checkWhitelist("10.11.12.13"));
+ Assert.assertTrue(filter.checkWhitelist("10.0.0.0"));
+ Assert.assertFalse(filter.checkWhitelist("0.0.0.0"));
+ Assert.assertTrue(filter.checkWhitelist("4d8:0:a:1234:ABc:1F:b18:17"));
+ Assert.assertTrue(filter.checkWhitelist("4d8:0:a:1234:ABc:1F:b18:0"));
+ Assert.assertFalse(filter.checkWhitelist("4d8:0:a:1234:ABc:1D:0:0"));
}
private boolean hitRateTracker(DoSFilter doSFilter, int sleep) throws InterruptedException

Back to the top