From dc48a90184dc12b16f71842e1313a5da6f72d472 Mon Sep 17 00:00:00 2001
From: Henrich Kraemer <henrjk@users.noreply.github.com>
Date: Fri, 2 Feb 2018 14:21:00 +0100
Subject: [PATCH] Prevent reverse name lookup when configuring Jetty's address

Previously, the host on Jetty's connector was configured using the
host address of the InetSocketAddress. This could result in reverse
name resolution that could cause Jetty to bind to a different IP
address than was configured.

This commit updates the configuration code to use the host string
when specifically does not perform reverse name resolution.

See gh-11889
---
 .../JettyEmbeddedServletContainerFactory.java |  6 ++--
 ...yEmbeddedServletContainerFactoryTests.java | 29 +++++++++++++++++++
 2 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java
index bc31108a72..2be9c21a26 100644
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java
@@ -101,6 +101,8 @@ import org.springframework.util.StringUtils;
  * @author Eddú Meléndez
  * @author Venil Noronha
  * @author Henri Kerola
+ * @author Henrich Krämer
+ *
  * @see #setPort(int)
  * @see #setConfigurations(Collection)
  * @see JettyEmbeddedServletContainer
@@ -895,7 +897,7 @@ public class JettyEmbeddedServletContainerFactory
 				ReflectionUtils.findMethod(connectorClass, "setPort", int.class)
 						.invoke(connector, address.getPort());
 				ReflectionUtils.findMethod(connectorClass, "setHost", String.class)
-						.invoke(connector, address.getHostName());
+						.invoke(connector, address.getHostString());
 				if (acceptors > 0) {
 					ReflectionUtils.findMethod(connectorClass, "setAcceptors", int.class)
 							.invoke(connector, acceptors);
@@ -924,7 +926,7 @@ public class JettyEmbeddedServletContainerFactory
 		public AbstractConnector createConnector(Server server, InetSocketAddress address,
 				int acceptors, int selectors) {
 			ServerConnector connector = new ServerConnector(server, acceptors, selectors);
-			connector.setHost(address.getHostName());
+			connector.setHost(address.getHostString());
 			connector.setPort(address.getPort());
 			for (ConnectionFactory connectionFactory : connector
 					.getConnectionFactories()) {
diff --git a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java
index cce0048cd6..7faf6652e5 100644
--- a/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java
+++ b/spring-boot/src/test/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactoryTests.java
@@ -17,6 +17,7 @@
 package org.springframework.boot.context.embedded.jetty;
 
 import java.io.IOException;
+import java.net.InetAddress;
 import java.nio.charset.Charset;
 import java.util.Arrays;
 import java.util.Locale;
@@ -35,6 +36,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.jasper.servlet.JspServlet;
+import org.eclipse.jetty.server.AbstractNetworkConnector;
+import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
@@ -114,6 +117,32 @@ public class JettyEmbeddedServletContainerFactoryTests
 		}
 	}
 
+	@Test
+	public void specificIPAddressNotReverseResolved() throws Exception {
+		JettyEmbeddedServletContainerFactory factory = getFactory();
+		final String[] refAncHost = new String[1];
+		refAncHost[0] = "HostNotSetInAbstractNetworkConnector";
+		InetAddress lhAddress = InetAddress.getLocalHost();
+		InetAddress address = InetAddress.getByAddress(lhAddress.getAddress());
+		// the address should have no host name associated with ith
+		String expectedHost = address.getHostAddress();
+		factory.setAddress(address);
+		factory.addServerCustomizers(server -> {
+			for (Connector connector : server.getConnectors()) {
+				if (connector instanceof AbstractNetworkConnector) {
+					@SuppressWarnings("resource")
+					AbstractNetworkConnector anc = (AbstractNetworkConnector) connector;
+					String ancHost = anc.getHost();
+					refAncHost[0] = ancHost;
+					break;
+				}
+			}
+		});
+		this.container = factory
+				.getEmbeddedServletContainer(exampleServletRegistration());
+		assertThat(refAncHost[0]).isEqualTo(expectedHost);
+	}
+
 	@Test
 	public void sessionTimeout() throws Exception {
 		JettyEmbeddedServletContainerFactory factory = getFactory();