agent: Disallow :: and [::] as service address

pull/3017/merge
Frank Schroeder 2017-05-09 09:29:13 +02:00
parent e365ef12cf
commit 8ad52ee9b5
No known key found for this signature in database
GPG Key ID: 4D65C6EAEC87DECD
5 changed files with 62 additions and 51 deletions

View File

@ -454,7 +454,7 @@ func (s *HTTPServer) AgentRegisterService(resp http.ResponseWriter, req *http.Re
// Check the service address here and in the catalog RPC endpoint
// since service registration isn't sychronous.
if args.Address == "0.0.0.0" {
if args.Address == "0.0.0.0" || args.Address == "::" || args.Address == "[::]" {
resp.WriteHeader(400)
fmt.Fprintf(resp, "Invalid service address")
return nil, nil

View File

@ -1503,24 +1503,28 @@ func TestAgent_RegisterService_InvalidAddress(t *testing.T) {
defer srv.Shutdown()
defer srv.agent.Shutdown()
req, err := http.NewRequest("GET", "/v1/agent/service/register?token=abc123", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &ServiceDefinition{
Name: "test",
Address: "0.0.0.0",
Port: 8000,
}
req.Body = encodeReq(args)
for _, addr := range []string{"0.0.0.0", "::", "[::]"} {
t.Run("addr "+addr, func(t *testing.T) {
req, err := http.NewRequest("GET", "/v1/agent/service/register?token=abc123", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &ServiceDefinition{
Name: "test",
Address: addr,
Port: 8000,
}
req.Body = encodeReq(args)
resp := httptest.NewRecorder()
_, err = srv.AgentRegisterService(resp, req)
if got, want := resp.Code, 400; got != want {
t.Fatalf("got code %d want %d", got, want)
}
if got, want := resp.Body.String(), "Invalid service address"; got != want {
t.Fatalf("got body %q want %q", got, want)
resp := httptest.NewRecorder()
_, err = srv.AgentRegisterService(resp, req)
if got, want := resp.Code, 400; got != want {
t.Fatalf("got code %d want %d", got, want)
}
if got, want := resp.Body.String(), "Invalid service address"; got != want {
t.Fatalf("got body %q want %q", got, want)
}
})
}
}

View File

@ -63,25 +63,28 @@ func TestCatalogRegister_Service_InvalidAddress(t *testing.T) {
testrpc.WaitForLeader(t, srv.agent.RPC, "dc1")
// Register node
req, err := http.NewRequest("GET", "/v1/catalog/register", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &structs.RegisterRequest{
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "test",
Address: "0.0.0.0",
Port: 8080,
},
}
req.Body = encodeReq(args)
for _, addr := range []string{"0.0.0.0", "::", "[::]"} {
t.Run("addr "+addr, func(t *testing.T) {
req, err := http.NewRequest("GET", "/v1/catalog/register", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &structs.RegisterRequest{
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "test",
Address: addr,
Port: 8080,
},
}
req.Body = encodeReq(args)
_, err = srv.CatalogRegister(nil, req)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("err: %v", err)
_, err = srv.CatalogRegister(nil, req)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("err: %v", err)
}
})
}
}

View File

@ -54,7 +54,7 @@ func (c *Catalog) Register(args *structs.RegisterRequest, reply *struct{}) error
// Check the service address here and in the agent endpoint
// since service registration isn't sychronous.
if args.Service.Address == "0.0.0.0" {
if args.Service.Address == "0.0.0.0" || args.Service.Address == "::" || args.Service.Address == "[::]" {
return fmt.Errorf("Invalid service address")
}

View File

@ -53,21 +53,25 @@ func TestCatalog_RegisterService_InvalidAddress(t *testing.T) {
codec := rpcClient(t, s1)
defer codec.Close()
arg := structs.RegisterRequest{
Datacenter: "dc1",
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "db",
Address: "0.0.0.0",
Port: 8000,
},
}
var out struct{}
for _, addr := range []string{"0.0.0.0", "::", "[::]"} {
t.Run("addr "+addr, func(t *testing.T) {
arg := structs.RegisterRequest{
Datacenter: "dc1",
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "db",
Address: addr,
Port: 8000,
},
}
var out struct{}
err := msgpackrpc.CallWithCodec(codec, "Catalog.Register", &arg, &out)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("got error %v want 'Invalid service address'", err)
err := msgpackrpc.CallWithCodec(codec, "Catalog.Register", &arg, &out)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("got error %v want 'Invalid service address'", err)
}
})
}
}