Skip to content

Commit 4665513

Browse files
thomasjpfanthomasjpfan
authored
BUG: Filters out non-network IPs (#66)
1 parent fc9f272 commit 4665513

4 files changed

Lines changed: 122 additions & 3 deletions

File tree

server/cert.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,9 @@ func (m *cert) Init() error {
112112
if err != nil {
113113
return err
114114
}
115+
116+
ips = filterNetworkIPs(ips)
117+
115118
certs := []cert{}
116119
for _, ip := range ips {
117120
hostPort := ip

server/cert_test.go

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,19 @@ import (
1919

2020
type CertTestSuite struct {
2121
suite.Suite
22-
serviceName string
22+
serviceName string
23+
filterNetworkIPsOrg func(ips []string) []string
2324
}
2425

2526
func (s *CertTestSuite) SetupTest() {
27+
s.filterNetworkIPsOrg = filterNetworkIPs
28+
filterNetworkIPs = func(ips []string) []string {
29+
return ips
30+
}
31+
}
32+
33+
func (s *CertTestSuite) TearDownTest() {
34+
filterNetworkIPs = s.filterNetworkIPsOrg
2635
}
2736

2837
func TestCertUnitTestSuite(t *testing.T) {

server/util.go

Lines changed: 36 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,20 +2,22 @@ package server
22

33
import (
44
"fmt"
5-
"github.com/gorilla/schema"
65
"io/ioutil"
76
"log"
87
"net"
98
"net/http"
109
"os"
1110
"strings"
11+
12+
"github.com/gorilla/schema"
1213
)
1314

1415
var httpWriterSetContentType = func(w http.ResponseWriter, value string) {
1516
w.Header().Set("Content-Type", value)
1617
}
1718
var logPrintf = log.Printf
1819
var lookupHost = net.LookupHost
20+
var interfaceAddrs = net.InterfaceAddrs
1921

2022
var decoder = schema.NewDecoder()
2123

@@ -76,3 +78,36 @@ var getSecretOrEnvVar = func(key, defaultValue string) string {
7678
return defaultValue
7779
}
7880
var readSecretsFile = ioutil.ReadFile
81+
82+
// filterNetworkIPs filters out ips that are not contained
83+
// in one of the network interfaces
84+
var filterNetworkIPs = func(ipStrs []string) []string {
85+
if len(ipStrs) == 0 {
86+
return ipStrs
87+
}
88+
networkAddrs, err := interfaceAddrs()
89+
if err != nil {
90+
return ipStrs
91+
}
92+
networkIPs := []*net.IPNet{}
93+
for _, addr := range networkAddrs {
94+
_, netIP, err := net.ParseCIDR(addr.String())
95+
if err != nil {
96+
continue
97+
}
98+
networkIPs = append(networkIPs, netIP)
99+
}
100+
101+
output := []string{}
102+
for _, ipStr := range ipStrs {
103+
ip := net.ParseIP(ipStr)
104+
for _, netIP := range networkIPs {
105+
if netIP.Contains(ip) {
106+
output = append(output, ip.String())
107+
continue
108+
}
109+
}
110+
}
111+
112+
return output
113+
}

server/util_test.go

Lines changed: 73 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,13 +2,15 @@ package server
22

33
import (
44
"fmt"
5-
"github.com/stretchr/testify/suite"
65
"io/ioutil"
6+
"net"
77
"net/http"
88
"net/http/httptest"
99
"net/url"
1010
"strings"
1111
"testing"
12+
13+
"github.com/stretchr/testify/suite"
1214
)
1315

1416
type UtilTestSuite struct {
@@ -173,3 +175,73 @@ func (s *UtilTestSuite) Test_SendDistributeRequests_ReturnsError_WhenProxyIPsAre
173175
s.Assertions.Equal(http.StatusBadRequest, actualStatus)
174176
s.Assertions.Error(err)
175177
}
178+
179+
func (s *UtilTestSuite) Test_FilterIPs_NoIps() {
180+
s.Equal([]string{}, filterNetworkIPs([]string{}))
181+
}
182+
func (s *UtilTestSuite) Test_FilterIPs_NoFiltering() {
183+
interfaceAddrsOrg := interfaceAddrs
184+
defer func() {
185+
interfaceAddrs = interfaceAddrsOrg
186+
}()
187+
interfaceAddrs = func() ([]net.Addr, error) {
188+
output := make([]net.Addr, 2)
189+
_, netIP1, _ := net.ParseCIDR("10.0.0.1/24")
190+
output[0] = netIP1
191+
_, netIP2, _ := net.ParseCIDR("12.0.0.1/24")
192+
output[1] = netIP2
193+
return output, nil
194+
}
195+
196+
ips := []string{
197+
"10.0.0.2", "10.0.0.3", "10.0.0.8", "12.0.0.3",
198+
}
199+
fitlerIPs := filterNetworkIPs(ips)
200+
201+
s.Equal(fitlerIPs, ips)
202+
}
203+
func (s *UtilTestSuite) Test_FilterIPs_FiltersEverything() {
204+
205+
interfaceAddrsOrg := interfaceAddrs
206+
defer func() {
207+
interfaceAddrs = interfaceAddrsOrg
208+
}()
209+
interfaceAddrs = func() ([]net.Addr, error) {
210+
output := make([]net.Addr, 2)
211+
_, netIP1, _ := net.ParseCIDR("11.0.0.1/24")
212+
output[0] = netIP1
213+
_, netIP2, _ := net.ParseCIDR("12.0.0.1/24")
214+
output[1] = netIP2
215+
return output, nil
216+
}
217+
218+
ips := []string{
219+
"10.0.0.2", "10.0.0.3", "10.0.0.8",
220+
}
221+
fitlerIPs := filterNetworkIPs(ips)
222+
223+
s.Equal([]string{}, fitlerIPs)
224+
}
225+
226+
func (s *UtilTestSuite) Test_FilterIPs_FiltersHalf() {
227+
228+
interfaceAddrsOrg := interfaceAddrs
229+
defer func() {
230+
interfaceAddrs = interfaceAddrsOrg
231+
}()
232+
interfaceAddrs = func() ([]net.Addr, error) {
233+
output := make([]net.Addr, 2)
234+
_, netIP1, _ := net.ParseCIDR("11.0.0.1/24")
235+
output[0] = netIP1
236+
_, netIP2, _ := net.ParseCIDR("12.0.0.1/24")
237+
output[1] = netIP2
238+
return output, nil
239+
}
240+
241+
ips := []string{
242+
"10.0.0.2", "10.0.0.3", "12.0.0.8", "11.0.0.3",
243+
}
244+
fitlerIPs := filterNetworkIPs(ips)
245+
246+
s.Equal([]string{"12.0.0.8", "11.0.0.3"}, fitlerIPs)
247+
}

0 commit comments

Comments
 (0)