proxy to be able to deny request to invalid hostnames

dpgoetz · dpgoetz · commit 40cbff9fd391 · 2012-04-12T14:18:40.000-07:00
Change-Id: I974f729da60e5ab9453daf9e52466b3e1af5c69b
diff --git a/etc/proxy-server.conf-sample b/etc/proxy-server.conf-sample
@@ -57,6 +57,8 @@ use = egg:swift#proxy
 # This is a comma separated list of account hashes that ignore the
 # max_containers_per_account cap.
 # max_containers_whitelist =
+# comma separated list of Host headers the proxy will be deny requests to
+# deny_host_headers =
 
 [filter:tempauth]
 use = egg:swift#tempauth
diff --git a/swift/proxy/server.py b/swift/proxy/server.py
@@ -1841,6 +1841,8 @@ def __init__(self, conf, memcache=None, logger=None, account_ring=None,
         self.max_containers_whitelist = [a.strip()
             for a in conf.get('max_containers_whitelist', '').split(',')
             if a.strip()]
+        self.deny_host_headers = [host.strip() for host in
+            conf.get('deny_host_headers', '').split(',') if host.strip()]
 
     def get_controller(self, path):
         """
@@ -1925,6 +1927,9 @@ def handle_request(self, req):
                 return HTTPPreconditionFailed(request=req, body='Invalid UTF8')
             if not controller:
                 return HTTPPreconditionFailed(request=req, body='Bad URL')
+            if self.deny_host_headers and \
+                    req.host.split(':')[0] in self.deny_host_headers:
+                return HTTPForbidden(request=req, body='Invalid host header')
 
             controller = controller(self, **path_parts)
             if 'swift.trans_id' not in req.environ:
diff --git a/test/unit/proxy/test_server.py b/test/unit/proxy/test_server.py
@@ -741,6 +741,19 @@ def test_negative_content_length(self):
         finally:
             rmtree(swift_dir, ignore_errors=True)
 
+    def test_denied_host_header(self):
+        swift_dir = mkdtemp()
+        try:
+            baseapp = proxy_server.BaseApplication({'swift_dir': swift_dir,
+                'deny_host_headers': 'invalid_host.com'},
+                FakeMemcache(), NullLoggingHandler(), FakeRing(), FakeRing(),
+                FakeRing())
+            resp = baseapp.handle_request(
+                Request.blank('/v1/a/c/o',
+                              environ={'HTTP_HOST': 'invalid_host.com'}))
+            self.assertEquals(resp.status, '403 Forbidden')
+        finally:
+            rmtree(swift_dir, ignore_errors=True)
 
 class TestObjectController(unittest.TestCase):
 
