From f0905ffaf657ae9a0307e344f91a82de2e915437 Mon Sep 17 00:00:00 2001 From: mtrejo Date: Thu, 15 Feb 2018 19:13:22 -0500 Subject: [PATCH 1/2] Set host when creating Jetty SSL connector See gh-12120 --- .../JettyEmbeddedServletContainerFactory.java | 21 +++++++++++-------- ...yEmbeddedServletContainerFactoryTests.java | 20 ++++++++++++++++++ 2 files changed, 32 insertions(+), 9 deletions(-) diff --git a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java index a797232f79..d90fdb4690 100644 --- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java +++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java @@ -180,7 +180,7 @@ public class JettyEmbeddedServletContainerFactory SslContextFactory sslContextFactory = new SslContextFactory(); configureSsl(sslContextFactory, getSsl()); AbstractConnector connector = getSslServerConnectorFactory() - .getConnector(server, sslContextFactory, port); + .createConnector(server, sslContextFactory, address); server.setConnectors(new Connector[] { connector }); } for (JettyServerCustomizer customizer : getServerCustomizers()) { @@ -700,8 +700,8 @@ public class JettyEmbeddedServletContainerFactory */ private interface SslServerConnectorFactory { - AbstractConnector getConnector(Server server, SslContextFactory sslContextFactory, - int port); + AbstractConnector createConnector(Server server, SslContextFactory sslContextFactory, + InetSocketAddress address); } @@ -712,8 +712,8 @@ public class JettyEmbeddedServletContainerFactory implements SslServerConnectorFactory { @Override - public ServerConnector getConnector(Server server, - SslContextFactory sslContextFactory, int port) { + public ServerConnector createConnector(Server server, + SslContextFactory sslContextFactory, InetSocketAddress address) { HttpConfiguration config = new HttpConfiguration(); config.setSendServerVersion(false); config.addCustomizer(new SecureRequestCustomizer()); @@ -722,7 +722,8 @@ public class JettyEmbeddedServletContainerFactory sslContextFactory, HttpVersion.HTTP_1_1.asString()); ServerConnector serverConnector = new ServerConnector(server, sslConnectionFactory, connectionFactory); - serverConnector.setPort(port); + serverConnector.setPort(address.getPort()); + serverConnector.setHost(address.getHostString()); return serverConnector; } @@ -735,8 +736,8 @@ public class JettyEmbeddedServletContainerFactory implements SslServerConnectorFactory { @Override - public AbstractConnector getConnector(Server server, - SslContextFactory sslContextFactory, int port) { + public AbstractConnector createConnector(Server server, + SslContextFactory sslContextFactory, InetSocketAddress address) { try { Class connectorClass = Class .forName("org.eclipse.jetty.server.ssl.SslSocketConnector"); @@ -744,7 +745,9 @@ public class JettyEmbeddedServletContainerFactory .getConstructor(SslContextFactory.class) .newInstance(sslContextFactory); connector.getClass().getMethod("setPort", int.class).invoke(connector, - port); + address.getPort()); + connector.getClass().getMethod("setHost", String.class).invoke(connector, + address.getHostString()); return connector; } catch (Exception ex) { diff --git a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java index 5403f2b28d..529b72f898 100644 --- a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java +++ b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java @@ -244,6 +244,26 @@ public class JettyEmbeddedServletContainerFactoryTests .isEqualTo(new String[] { "TLSv1.1" }); } + @Test + public void sslEnabledSpecificIPAddress() throws Exception { + Ssl ssl = new Ssl(); + ssl.setKeyStore("src/test/resources/test.jks"); + ssl.setKeyStorePassword("secret"); + ssl.setKeyPassword("password"); + + JettyEmbeddedServletContainerFactory factory = getFactory(); + factory.setSsl(ssl); + factory.setAddress(InetAddress.getByAddress(InetAddress.getLocalHost().getAddress())); + + this.container = factory.getEmbeddedServletContainer(); + this.container.start(); + + JettyEmbeddedServletContainer jettyContainer = (JettyEmbeddedServletContainer) this.container; + ServerConnector connector = (ServerConnector) jettyContainer.getServer() + .getConnectors()[0]; + assertThat(connector.getHost()).isEqualTo(factory.getAddress().getHostAddress()); + } + private void assertTimeout(JettyEmbeddedServletContainerFactory factory, int expected) { this.container = factory.getEmbeddedServletContainer(); From eaf3789540d8975535fbceba49c8b14de2a73ac9 Mon Sep 17 00:00:00 2001 From: Andy Wilkinson Date: Tue, 27 Feb 2018 14:36:56 +0000 Subject: [PATCH 2/2] Polish "Set host when creating Jetty SSL connector" Closes gh-12120 --- .../embedded/jetty/JettyEmbeddedServletContainerFactory.java | 4 ++-- .../jetty/JettyEmbeddedServletContainerFactoryTests.java | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java index d90fdb4690..6ec3274a2a 100644 --- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java +++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java @@ -700,8 +700,8 @@ public class JettyEmbeddedServletContainerFactory */ private interface SslServerConnectorFactory { - AbstractConnector createConnector(Server server, SslContextFactory sslContextFactory, - InetSocketAddress address); + AbstractConnector createConnector(Server server, + SslContextFactory sslContextFactory, InetSocketAddress address); } diff --git a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java index 529b72f898..58ebaa52a3 100644 --- a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java +++ b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java @@ -253,7 +253,8 @@ public class JettyEmbeddedServletContainerFactoryTests JettyEmbeddedServletContainerFactory factory = getFactory(); factory.setSsl(ssl); - factory.setAddress(InetAddress.getByAddress(InetAddress.getLocalHost().getAddress())); + factory.setAddress( + InetAddress.getByAddress(InetAddress.getLocalHost().getAddress())); this.container = factory.getEmbeddedServletContainer(); this.container.start();