From cea6d4f171ced78d34f4739922a8cea7f1014d0d Mon Sep 17 00:00:00 2001
From: Jochen Schalanda <jochen@graylog.com>
Date: Wed, 10 Aug 2016 15:06:51 +0200
Subject: [PATCH] Check for conflict of rest_listen_uri and web_listen_uri

Refs #2634
---
 .../main/java/org/graylog2/Configuration.java | 14 +++++++++++
 .../java/org/graylog2/ConfigurationTest.java  | 24 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/graylog2-server/src/main/java/org/graylog2/Configuration.java b/graylog2-server/src/main/java/org/graylog2/Configuration.java
index 9b98e9cc2c33..aaf122ba7f73 100644
--- a/graylog2-server/src/main/java/org/graylog2/Configuration.java
+++ b/graylog2-server/src/main/java/org/graylog2/Configuration.java
@@ -319,10 +319,24 @@ public int getLoadBalancerRequestThrottleJournalUsage() {
     }
 
     @ValidatorMethod
+    @SuppressWarnings("unused")
     public void validatePasswordSecret() throws ValidationException {
         final String passwordSecret = getPasswordSecret();
         if (passwordSecret == null || passwordSecret.length() < 16) {
             throw new ValidationException("The minimum length for \"password_secret\" is 16 characters.");
         }
     }
+
+    @ValidatorMethod
+    @SuppressWarnings("unused")
+    public void validateNetworkInterfaces() throws ValidationException {
+        final URI restListenUri = getRestListenUri();
+        final URI webListenUri = getWebListenUri();
+
+        if ((restListenUri.getPort() == webListenUri.getPort()) &&
+                !restListenUri.getHost().equals(webListenUri.getHost()) &&
+                ("0.0.0.0".equals(restListenUri.getHost()) || "0.0.0.0".equals(webListenUri.getHost()))) {
+            throw new ValidationException("Wildcard IP addresses cannot be used if the Graylog REST API and web interface listen on the same port.");
+        }
+    }
 }
diff --git a/graylog2-server/src/test/java/org/graylog2/ConfigurationTest.java b/graylog2-server/src/test/java/org/graylog2/ConfigurationTest.java
index 4b871e7a02be..2b4e23f77cab 100644
--- a/graylog2-server/src/test/java/org/graylog2/ConfigurationTest.java
+++ b/graylog2-server/src/test/java/org/graylog2/ConfigurationTest.java
@@ -196,4 +196,28 @@ public void testPasswordSecretIsValid() throws ValidationException, RepositoryEx
 
         assertThat(configuration.getPasswordSecret()).isEqualTo("abcdefghijklmnopqrstuvwxyz");
     }
+
+    @Test
+    public void testRestApiListeningOnWildcardOnSamePortAsWebInterface() throws ValidationException, RepositoryException {
+        validProperties.put("rest_listen_uri", "http://0.0.0.0:9000/api/");
+        validProperties.put("web_listen_uri", "http://127.0.0.1:9000/");
+
+        expectedException.expect(ValidationException.class);
+        expectedException.expectMessage("Wildcard IP addresses cannot be used if the Graylog REST API and web interface listen on the same port.");
+
+        Configuration configuration = new Configuration();
+        new JadConfig(new InMemoryRepository(validProperties), configuration).process();
+    }
+
+    @Test
+    public void testWebInterfaceListeningOnWildcardOnSamePortAsRestApi() throws ValidationException, RepositoryException {
+        validProperties.put("rest_listen_uri", "http://127.0.0.1:9000/api/");
+        validProperties.put("web_listen_uri", "http://0.0.0.0:9000/");
+
+        expectedException.expect(ValidationException.class);
+        expectedException.expectMessage("Wildcard IP addresses cannot be used if the Graylog REST API and web interface listen on the same port.");
+
+        Configuration configuration = new Configuration();
+        new JadConfig(new InMemoryRepository(validProperties), configuration).process();
+    }
 }