Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dellgreen-dosfilter-1717' into jetty-9.4.x

This commit is contained in:
Joakim Erdfelt 2017-08-31 15:12:43 -07:00
parent 99e2053213 9d3f20d509
commit 9285adb596
2 changed files with 103 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
jetty-servlets/src/main/java/org/eclipse/jetty/servlets/DoSFilter.java
View File

@ -583,7 +583,7 @@ public class DoSFilter implements Filter
} }
else else
{ {
loadId = isRemotePort() ? (request.getRemoteAddr() + request.getRemotePort()) : request.getRemoteAddr(); loadId = isRemotePort() ? createRemotePortId(request) : request.getRemoteAddr();
type = USER_IP; type = USER_IP;
} }
} }
@ -616,6 +616,10 @@ public class DoSFilter implements Filter
return tracker; return tracker;
} }
public void addToRateTracker (RateTracker tracker) public void addToRateTracker (RateTracker tracker)
{ {
_rateTrackers.put(tracker.getId(), tracker); _rateTrackers.put(tracker.getId(), tracker);
@ -1356,4 +1360,12 @@ public class DoSFilter implements Filter
super.onTimeout(event); super.onTimeout(event);
} }
} }
private String createRemotePortId(final ServletRequest request) {
final String addr = request.getRemoteAddr();
final int port = request.getRemotePort();
if (addr.contains(":")) return "[" + addr + "]:" + port;
return addr + ":" + port;
}
} }

92
jetty-servlets/src/test/java/org/eclipse/jetty/servlets/DoSFilterTest.java
View File

@ -18,8 +18,20 @@
package org.eclipse.jetty.servlets; package org.eclipse.jetty.servlets;
import javax.servlet.ServletContext; import static org.hamcrest.Matchers.anyOf;
import static org.hamcrest.Matchers.is;
import static org.junit.Assert.assertThat;
import java.net.InetSocketAddress;
import java.util.Collections;
import java.util.Enumeration;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.ContextHandler; import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.servlets.DoSFilter.RateTracker; import org.eclipse.jetty.servlets.DoSFilter.RateTracker;
import org.hamcrest.Matchers; import org.hamcrest.Matchers;
@ -29,12 +41,88 @@ import org.junit.Test;
public class DoSFilterTest extends AbstractDoSFilterTest public class DoSFilterTest extends AbstractDoSFilterTest
{ {
private static class RemoteAddressRequest extends Request
{
public RemoteAddressRequest(String remoteHost, int remotePort)
{
super(null, null);
setRemoteAddr(new InetSocketAddress(remoteHost, remotePort));
}
}
private static class NoOpFilterConfig implements FilterConfig
{
@Override
public String getFilterName()
{
return "noop";
}
@Override
public ServletContext getServletContext()
{
return null;
}
@Override
public String getInitParameter(String name)
{
return null;
}
@Override
public Enumeration<String> getInitParameterNames()
{
return Collections.emptyEnumeration();
}
}
@Before @Before
public void setUp() throws Exception public void setUp() throws Exception
{ {
startServer(DoSFilter.class); startServer(DoSFilter.class);
} }
@Test
public void testRemotePortLoadIdCreation_ipv6() throws ServletException {
final ServletRequest request = new RemoteAddressRequest("::192.9.5.5", 12345);
DoSFilter doSFilter = new DoSFilter();
doSFilter.init(new NoOpFilterConfig());
doSFilter.setRemotePort(true);
try
{
RateTracker tracker = doSFilter.getRateTracker(request);
assertThat("tracker.id", tracker.getId(),
anyOf(
is("[::192.9.5.5]:12345"), // short form
is("[0:0:0:0:0:0:c009:505]:12345") // long form
));
}
finally
{
doSFilter.stopScheduler();
}
}
@Test
public void testRemotePortLoadIdCreation_ipv4() throws ServletException {
final ServletRequest request = new RemoteAddressRequest("127.0.0.1", 12345);
DoSFilter doSFilter = new DoSFilter();
doSFilter.init(new NoOpFilterConfig());
doSFilter.setRemotePort(true);
try
{
RateTracker tracker = doSFilter.getRateTracker(request);
assertThat("tracker.id", tracker.getId(), is("127.0.0.1:12345"));
}
finally
{
doSFilter.stopScheduler();
}
}
@Test @Test
public void testRateIsRateExceeded() throws InterruptedException public void testRateIsRateExceeded() throws InterruptedException
{ {
@ -70,7 +158,7 @@ public class DoSFilterTest extends AbstractDoSFilterTest
{ {
String last="GET /ctx/timeout/?sleep="+2*_requestMaxTime+" HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n"; String last="GET /ctx/timeout/?sleep="+2*_requestMaxTime+" HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n";
String responses = doRequests("",0,0,0,last); String responses = doRequests("",0,0,0,last);
Assert.assertThat(responses, Matchers.containsString(" 503 ")); assertThat(responses, Matchers.containsString(" 503 "));
} }
private boolean hitRateTracker(DoSFilter doSFilter, int sleep) throws InterruptedException private boolean hitRateTracker(DoSFilter doSFilter, int sleep) throws InterruptedException