Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #10388 - fix InetAccessHandler module 

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
This commit is contained in:
Lachlan Roberts 2023-08-25 13:53:24 +10:00
parent 0411e1f19f
commit 764c8171bc
4 changed files with 15 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
jetty-server/src/main/config/modules/inetaccess.mod
View File

@ -2,7 +2,7 @@
[description] [description]
Enables the InetAccessHandler. Enables the InetAccessHandler.
Applies a include/exclude control of the remote IP of requests. Applies an include/exclude control of the remote IP of requests.
[tags] [tags]
connector connector
@ -18,15 +18,9 @@ etc/jetty-inetaccess.xml
[ini-template] [ini-template]
## List of InetAddress patterns to include ## List of InetAddress patterns to include (connectorName@addressPattern|pathSpec)
#jetty.inetaccess.include=127.0.0.1,127.0.0.2 #jetty.inetaccess.include=http@127.0.0.1-127.0.0.2|/pathSpec,tls@,|/pathSpec2,127.0.0.20
## List of InetAddress patterns to exclude ## List of InetAddress patterns to exclude (connectorName@addressPattern|pathSpec)
#jetty.inetaccess.exclude=127.0.0.1,127.0.0.2 #jetty.inetaccess.exclude=http@127.0.0.1-127.0.0.2|/pathSpec,tls@,|/pathSpec2,127.0.0.20
## List of Connector names to include
#jetty.inetaccess.includeConnectors=http
## List of Connector names to exclude
#jetty.inetaccess.excludeConnectors=tls

13
jetty-server/src/main/config/modules/inetaccess/inetaccess.xml
View File

@ -1,13 +0,0 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://www.eclipse.org/jetty/configure_10_0.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="insertHandler">
<Arg>
<New id="InetAccessHandler" class="org.eclipse.jetty.server.handler.InetAccessHandler">
<Call name="include"><Arg>127.0.0.1-127.0.0.255</Arg></Call>
<Call name="exclude"><Arg>127.0.0.128-127.0.0.129</Arg></Call>
</New>
</Arg>
</Call>
</Configure>

14
jetty-server/src/main/config/modules/inetaccess/jetty-inetaccess.xml
View File

@ -19,20 +19,6 @@
</Call> </Call>
</Arg> </Arg>
</Call> </Call>
<Call name="includeConnectors">
<Arg>
<Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
<Arg><Property name="jetty.inetaccess.includeConnectors" default="" /></Arg>
</Call>
</Arg>
</Call>
<Call name="excludeConnectors">
<Arg>
<Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
<Arg><Property name="jetty.inetaccess.excludeConnectors" default="" /></Arg>
</Call>
</Arg>
</Call>
</New> </New>
</Arg> </Arg>
</Call> </Call>

17
jetty-server/src/main/java/org/eclipse/jetty/server/handler/InetAccessSet.java
View File

@ -27,7 +27,7 @@ import org.eclipse.jetty.util.StringUtil;
public class InetAccessSet extends AbstractSet<InetAccessSet.PatternTuple> implements Set<InetAccessSet.PatternTuple>, Predicate<InetAccessSet.AccessTuple> public class InetAccessSet extends AbstractSet<InetAccessSet.PatternTuple> implements Set<InetAccessSet.PatternTuple>, Predicate<InetAccessSet.AccessTuple>
{ {
private ArrayList<PatternTuple> tuples = new ArrayList<>(); private final ArrayList<PatternTuple> tuples = new ArrayList<>();
@Override @Override
public boolean add(PatternTuple storageTuple) public boolean add(PatternTuple storageTuple)
@ -67,7 +67,7 @@ public class InetAccessSet extends AbstractSet<InetAccessSet.PatternTuple> imple
return false; return false;
} }
static class PatternTuple implements Predicate<AccessTuple> public static class PatternTuple implements Predicate<AccessTuple>
{ {
private final String connector; private final String connector;
private final InetAddressPattern address; private final InetAddressPattern address;
@ -110,19 +110,22 @@ public class InetAccessSet extends AbstractSet<InetAccessSet.PatternTuple> imple
if ((connector != null) && !connector.equals(entry.getConnector())) if ((connector != null) && !connector.equals(entry.getConnector()))
return false; return false;
// If we have a path we must must be at this path to match for an address. // If we have a path we must be at this path to match for an address.
if ((pathSpec != null) && !pathSpec.matches(entry.getPath())) if ((pathSpec != null) && !pathSpec.matches(entry.getPath()))
return false; return false;
// Match for InetAddress. // Match for InetAddress.
if ((address != null) && !address.test(entry.getAddress())) return (address == null) || address.test(entry.getAddress());
return false; }
return true; @Override
public String toString()
{
return String.format("%s@%x{connector=%s, addressPattern=%s, pathSpec=%s}", getClass().getSimpleName(), hashCode(), connector, address, pathSpec);
} }
} }
static class AccessTuple public static class AccessTuple
{ {
private final String connector; private final String connector;
private final InetAddress address; private final InetAddress address;