Skip to content

Commit

Permalink
fix: OF-2595 resolve merge conflicts
Browse files Browse the repository at this point in the history
  • Loading branch information
AlexGidman authored and guusdk committed May 23, 2023
1 parent 446fcac commit a3b5ebd
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 63 deletions.
5 changes: 0 additions & 5 deletions i18n/src/main/resources/openfire_i18n.properties
Original file line number Diff line number Diff line change
Expand Up @@ -1703,9 +1703,6 @@ system_property.provider.vcard.className=The class to use to provide vCard handl
system_property.usermanager.remote-disco-info-timeout-seconds=The maximum time the UserManager should wait, in seconds, for the a remote server to respond to a disco#info request to confirm the presence of a user
system_property.provider.userproperty.className=The class to use to provide user properties
system_property.xmpp.auth.sasl.external.client.suppress-matching-realmname=Ignore the realm of a SASL EXTERNAL provided username if it matches the XMPP domain name.
system_property.adminConsole.access.ip-blocklist=List of IP addresses that are not allowed to access the admin console.
system_property.adminConsole.access.ip-allowlist=List of IP addresses that are allowed to access the admin console. When empty, this list is ignored.
system_property.adminConsole.access.ignore-excludes=Controls if IP Access lists are applied to excluded URLs.
system_property.adminConsole.access.allow-wildcards-in-excludes=Controls whether wildcards are allowed in URLs that are excluded from auth checks.
system_property.adminConsole.servlet-request-authenticator=The class to use to authenticate requests made to the admin console. If not supplied, normal username/password authentication will be used.
system_property.adminConsole.siteMinderHeader=The name of the HTTP header that will contain the CA SiteMinder/Single Sign-On authenticated user, if available.
Expand Down Expand Up @@ -1784,8 +1781,6 @@ system_property.xmpp.taskengine.threadpool.size.max=The maximum number of thread
system_property.xmpp.taskengine.threadpool.keepalive=The number of threads in the thread pool that is used to execute tasks of Openfire's TaskEngine is greater than the core, this is the maximum time that excess idle threads will wait for new tasks before terminating.
system_property.xmpp.muc.allowpm.blockall=Toggles whether to block all packets from users or just messages if they do not have permission to send private messages.
system_property.xmpp.websocket.stream-substitution-enabled=Controls if 'stream' elements that are sent over websockets are renamed to 'open' and 'close' where appropriate. Useful to allow certain non-compliant clients (eg: Tsung) to connect.
system_property.xmpp.websocket.frame.ping.enabled=Periodically send WebSocket ping control frames on an idle WebSocket connection.
system_property.xmpp.websocket.frame.ping.interval=The maximum duration of inactivity that triggers a WebSocket ping control frame to be sent over an idle connection.

# Server properties Page

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -59,33 +59,6 @@ public class AuthCheckFilter implements Filter {
.addListener(AuthCheckFilter::initAuthenticator)
.build();

/**
* List of IP addresses that are not allowed to access the admin console.
*/
public static final SystemProperty<Set<String>> IP_ACCESS_BLOCKLIST = SystemProperty.Builder.ofType(Set.class)
.setKey("adminConsole.access.ip-blocklist")
.setDefaultValue(Collections.emptySet())
.setDynamic(true)
.buildSet(String.class);

/**
* List of IP addresses that are allowed to access the admin console. When empty, this list is ignored.
*/
public static final SystemProperty<Set<String>> IP_ACCESS_ALLOWLIST = SystemProperty.Builder.ofType(Set.class)
.setKey("adminConsole.access.ip-allowlist")
.setDefaultValue(Collections.emptySet())
.setDynamic(true)
.buildSet(String.class);

/**
* Controls if IP Access lists are applied to excluded URLs.
*/
public static final SystemProperty<Boolean> IP_ACCESS_IGNORE_EXCLUDES = SystemProperty.Builder.ofType(Boolean.class)
.setKey("adminConsole.access.ignore-excludes")
.setDefaultValue(false)
.setDynamic(true)
.build();

/**
* Controls whether wildcards are allowed in URLs that are excluded from auth checks.
*/
Expand Down Expand Up @@ -191,8 +164,8 @@ public static boolean testURLPassesExclude(String url, String exclude) {
// If the exclude rule includes a "?" character, the url must exactly match the exclude rule.
// If the exclude rule does not contain the "?" character, we chop off everything starting at the first "?"
// in the URL and then the resulting url must exactly match the exclude rule. If the exclude ends with a "*"
// character then the URL is allowed if it exactly matches everything before the * and there are no ".." even encoded ones
// characters after the "*". All data in the URL before
// (wildcard) character, and wildcards are allowed in excludes, then the URL is allowed if it exactly
// matches everything before the * and there are no ".." characters after the "*".

String decodedUrl = null;
try {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,35 +16,6 @@

package org.jivesoftware.openfire.container;

import org.apache.jasper.servlet.JasperInitializer;
import org.apache.tomcat.InstanceManager;
import org.apache.tomcat.SimpleInstanceManager;
import org.eclipse.jetty.annotations.AnnotationConfiguration;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.plus.annotation.ContainerInitializer;
import org.eclipse.jetty.plus.webapp.EnvConfiguration;
import org.eclipse.jetty.plus.webapp.PlusConfiguration;
import org.eclipse.jetty.server.*;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.webapp.*;
import org.jivesoftware.admin.AuthCheckFilter;
import org.jivesoftware.openfire.JMXManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.keystore.CertificateStore;
import org.jivesoftware.openfire.keystore.IdentityStore;
import org.jivesoftware.openfire.spi.ConnectionConfiguration;
import org.jivesoftware.openfire.spi.ConnectionManagerImpl;
import org.jivesoftware.openfire.spi.ConnectionType;
import org.jivesoftware.openfire.spi.EncryptionArtifactFactory;
import org.jivesoftware.util.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.File;
import java.io.IOException;
import java.net.URL;
Expand Down Expand Up @@ -86,6 +57,7 @@
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.webapp.WebInfConfiguration;
import org.eclipse.jetty.webapp.WebXmlConfiguration;
import org.jivesoftware.admin.AuthCheckFilter;
import org.jivesoftware.openfire.JMXManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.keystore.CertificateStore;
Expand Down

0 comments on commit a3b5ebd

Please sign in to comment.