[knox] branch master updated: KNOX-2453 Fix Host header handling in websockets (#374)

[more]

This is an automated email from the ASF dual-hosted git repository.

more pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new b518853  KNOX-2453 Fix Host header handling in websockets (#374)
b518853 is described below

commit b518853eb4cbaa1e0b37cca7a66613def39694bc
Author: Sandeep Moré <moresand...@gmail.com>
AuthorDate: Mon Sep 14 12:40:33 2020 -0400

    KNOX-2453 Fix Host header handling in websockets (#374)
---
 .../websockets/GatewayWebsocketHandler.java        | 38 ++++++++++++++--------
 .../websockets/WebsocketBackendUrlTest.java        |  3 +-
 2 files changed, 25 insertions(+), 16 deletions(-)

diff --git 
a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandler.java
 
b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandler.java
index e88306a..dfbd9a2 100644
--- 
a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandler.java
+++ 
b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandler.java
@@ -36,8 +36,10 @@ import 
org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
 import javax.websocket.ClientEndpointConfig;
 import java.net.MalformedURLException;
 import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URL;
 import java.security.KeyStore;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -113,10 +115,9 @@ public class GatewayWebsocketHandler extends 
WebSocketHandler
 
     try {
       final URI requestURI = req.getRequestURI();
-      final String path = requestURI.getRawPath();
 
       /* URL used to connect to websocket backend */
-      final String backendURL = getMatchedBackendURL(path, requestURI);
+      final String backendURL = getMatchedBackendURL(requestURI);
       LOG.debugLog("Generated backend URL for websocket connection: " + 
backendURL);
 
       /* Upgrade happens here */
@@ -149,27 +150,36 @@ public class GatewayWebsocketHandler extends 
WebSocketHandler
    */
   private ClientEndpointConfig getClientEndpointConfig(final 
ServletUpgradeRequest req) {
 
-    return ClientEndpointConfig.Builder.create().configurator( new 
ClientEndpointConfig.Configurator() {
-
-       @Override
-       public void beforeRequest(final Map<String, List<String>> headers) {
-
-         /* Add request headers */
-         req.getHeaders().forEach(headers::putIfAbsent);
-
-       }
-    }).build();
+    return ClientEndpointConfig.Builder.create()
+        .configurator(new ClientEndpointConfig.Configurator() {
+
+          @Override
+          public void beforeRequest(final Map<String, List<String>> headers) {
+
+            /* Add request headers */
+            req.getHeaders().forEach(headers::putIfAbsent);
+            try {
+              final URI backendURL = new 
URI(getMatchedBackendURL(req.getRequestURI()));
+              headers.put("Host", Arrays.asList(backendURL.getHost() + ":" + 
backendURL.getPort()));
+            } catch (final URISyntaxException e) {
+              LOG.onError(String.format(Locale.ROOT,
+                  "Error getting backend url, this could cause 'Host does not 
match SNI' exception. Cause: ",
+                  e.toString()));
+            }
+          }
+        }).build();
   }
 
   /**
    * This method looks at the context path and returns the backend websocket
    * url. If websocket url is found it is used as is, or we default to
    * ws://{host}:{port} which might or might not be right.
-   * @param path path to match requestURI against
    * @param requestURI url to match
    * @return Websocket backend url
    */
-  protected synchronized String getMatchedBackendURL(final String path, URI 
requestURI) {
+  protected synchronized String getMatchedBackendURL(final URI requestURI) {
+    final String path = requestURI.getRawPath();
+
     final ServiceRegistry serviceRegistryService = services
         .getService(ServiceType.SERVICE_REGISTRY_SERVICE);
 
diff --git 
a/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketBackendUrlTest.java
 
b/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketBackendUrlTest.java
index 492f07e..2f11c5c 100644
--- 
a/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketBackendUrlTest.java
+++ 
b/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketBackendUrlTest.java
@@ -70,9 +70,8 @@ public class WebsocketBackendUrlTest extends 
WebsocketEchoTestBase {
   @Test
   public void testWebsocketBackendUrl() throws Exception {
     URI requestURI = new URI(serverUri.toString() + 
"gateway/websocket/123foo456bar/channels");
-    final String path = requestURI.getPath();
     GatewayWebsocketHandler gwh = new GatewayWebsocketHandler(gatewayConfig, 
services);
-    String backendUrl = gwh.getMatchedBackendURL(path, requestURI);
+    String backendUrl = gwh.getMatchedBackendURL(requestURI);
     String expectedBackendUrl = backendServerUri.toString() + "channels";
     assertThat(backendUrl, is(expectedBackendUrl));
   }