Skip to content

Commit

Permalink
agent: Disallow 0.0.0.0 as service address
Browse files Browse the repository at this point in the history
Fixes #2961
  • Loading branch information
magiconair committed May 9, 2017
1 parent 66e1bb5 commit 4911eef
Show file tree
Hide file tree
Showing 5 changed files with 96 additions and 0 deletions.
8 changes: 8 additions & 0 deletions command/agent/agent_endpoint.go
Original file line number Diff line number Diff line change
Expand Up @@ -452,6 +452,14 @@ func (s *HTTPServer) AgentRegisterService(resp http.ResponseWriter, req *http.Re
return nil, nil
}

// Check the service address here and in the catalog RPC endpoint
// since service registration isn't sychronous.
if args.Address == "0.0.0.0" {
resp.WriteHeader(400)
fmt.Fprintf(resp, "Invalid service address")
return nil, nil
}

// Get the node service.
ns := args.NodeService()

Expand Down
27 changes: 27 additions & 0 deletions command/agent/agent_endpoint_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1497,6 +1497,33 @@ func TestAgent_RegisterService_ACLDeny(t *testing.T) {
}
}

func TestAgent_RegisterService_InvalidAddress(t *testing.T) {
dir, srv := makeHTTPServer(t)
defer os.RemoveAll(dir)
defer srv.Shutdown()
defer srv.agent.Shutdown()

req, err := http.NewRequest("GET", "/v1/agent/service/register?token=abc123", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &ServiceDefinition{
Name: "test",
Address: "0.0.0.0",
Port: 8000,
}
req.Body = encodeReq(args)

resp := httptest.NewRecorder()
_, err = srv.AgentRegisterService(resp, req)
if got, want := resp.Code, 400; got != want {
t.Fatalf("got code %d want %d", got, want)
}
if got, want := resp.Body.String(), "Invalid service address"; got != want {
t.Fatalf("got body %q want %q", got, want)
}
}

func TestAgent_DeregisterService(t *testing.T) {
dir, srv := makeHTTPServer(t)
defer os.RemoveAll(dir)
Expand Down
30 changes: 30 additions & 0 deletions command/agent/catalog_endpoint_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,36 @@ func TestCatalogRegister(t *testing.T) {
}
}

func TestCatalogRegister_Service_InvalidAddress(t *testing.T) {
dir, srv := makeHTTPServer(t)
defer os.RemoveAll(dir)
defer srv.Shutdown()
defer srv.agent.Shutdown()

testrpc.WaitForLeader(t, srv.agent.RPC, "dc1")

// Register node
req, err := http.NewRequest("GET", "/v1/catalog/register", nil)
if err != nil {
t.Fatalf("err: %v", err)
}
args := &structs.RegisterRequest{
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "test",
Address: "0.0.0.0",
Port: 8080,
},
}
req.Body = encodeReq(args)

_, err = srv.CatalogRegister(nil, req)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("err: %v", err)
}
}

func TestCatalogDeregister(t *testing.T) {
dir, srv := makeHTTPServer(t)
defer os.RemoveAll(dir)
Expand Down
6 changes: 6 additions & 0 deletions consul/catalog_endpoint.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,12 @@ func (c *Catalog) Register(args *structs.RegisterRequest, reply *struct{}) error
return fmt.Errorf("Must provide service name with ID")
}

// Check the service address here and in the agent endpoint
// since service registration isn't sychronous.
if args.Service.Address == "0.0.0.0" {
return fmt.Errorf("Invalid service address")
}

// Apply the ACL policy if any. The 'consul' service is excluded
// since it is managed automatically internally (that behavior
// is going away after version 0.8). We check this same policy
Expand Down
25 changes: 25 additions & 0 deletions consul/catalog_endpoint_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,31 @@ func TestCatalog_Register(t *testing.T) {
}
}

func TestCatalog_RegisterService_InvalidAddress(t *testing.T) {
dir1, s1 := testServer(t)
defer os.RemoveAll(dir1)
defer s1.Shutdown()
codec := rpcClient(t, s1)
defer codec.Close()

arg := structs.RegisterRequest{
Datacenter: "dc1",
Node: "foo",
Address: "127.0.0.1",
Service: &structs.NodeService{
Service: "db",
Address: "0.0.0.0",
Port: 8000,
},
}
var out struct{}

err := msgpackrpc.CallWithCodec(codec, "Catalog.Register", &arg, &out)
if err == nil || err.Error() != "Invalid service address" {
t.Fatalf("got error %v want 'Invalid service address'", err)
}
}

func TestCatalog_Register_NodeID(t *testing.T) {
dir1, s1 := testServer(t)
defer os.RemoveAll(dir1)
Expand Down

0 comments on commit 4911eef

Please sign in to comment.