mirror of https://github.com/status-im/consul.git
Fix issue with choosing a client addr that is 0.0.0.0 or ::
This commit is contained in:
parent
4ec8c489c0
commit
c891e264ca
|
@ -710,25 +710,14 @@ func (a *Agent) reloadWatches(cfg *config.RuntimeConfig) error {
|
||||||
watchPlans = append(watchPlans, wp)
|
watchPlans = append(watchPlans, wp)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine the primary http(s) endpoint.
|
|
||||||
var netaddr net.Addr
|
|
||||||
https := false
|
|
||||||
if len(cfg.HTTPAddrs) > 0 {
|
|
||||||
netaddr = cfg.HTTPAddrs[0]
|
|
||||||
} else {
|
|
||||||
netaddr = cfg.HTTPSAddrs[0]
|
|
||||||
https = true
|
|
||||||
}
|
|
||||||
addr := netaddr.String()
|
|
||||||
if netaddr.Network() == "unix" {
|
|
||||||
addr = "unix://" + addr
|
|
||||||
https = false
|
|
||||||
} else if https {
|
|
||||||
addr = "https://" + addr
|
|
||||||
}
|
|
||||||
|
|
||||||
// Fire off a goroutine for each new watch plan.
|
// Fire off a goroutine for each new watch plan.
|
||||||
for _, wp := range watchPlans {
|
for _, wp := range watchPlans {
|
||||||
|
config, err := a.config.APIConfig(true)
|
||||||
|
if err != nil {
|
||||||
|
a.logger.Printf("[ERR] agent: Failed to run watch: %v", err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
a.watchPlans = append(a.watchPlans, wp)
|
a.watchPlans = append(a.watchPlans, wp)
|
||||||
go func(wp *watch.Plan) {
|
go func(wp *watch.Plan) {
|
||||||
if h, ok := wp.Exempt["handler"]; ok {
|
if h, ok := wp.Exempt["handler"]; ok {
|
||||||
|
@ -741,16 +730,9 @@ func (a *Agent) reloadWatches(cfg *config.RuntimeConfig) error {
|
||||||
}
|
}
|
||||||
wp.LogOutput = a.LogOutput
|
wp.LogOutput = a.LogOutput
|
||||||
|
|
||||||
config := api.DefaultConfig()
|
addr := config.Address
|
||||||
if https {
|
if config.Scheme == "https" {
|
||||||
if a.config.CAPath != "" {
|
addr = "https://" + addr
|
||||||
config.TLSConfig.CAPath = a.config.CAPath
|
|
||||||
}
|
|
||||||
if a.config.CAFile != "" {
|
|
||||||
config.TLSConfig.CAFile = a.config.CAFile
|
|
||||||
}
|
|
||||||
// use the original address without the https:// prefix
|
|
||||||
config.TLSConfig.Address = netaddr.String()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := wp.RunWithConfig(addr, config); err != nil {
|
if err := wp.RunWithConfig(addr, config); err != nil {
|
||||||
|
|
|
@ -1193,7 +1193,7 @@ func (c *RuntimeConfig) IncomingHTTPSConfig() (*tls.Config, error) {
|
||||||
func (c *RuntimeConfig) apiAddresses(maxPerType int) (unixAddrs, httpAddrs, httpsAddrs []string) {
|
func (c *RuntimeConfig) apiAddresses(maxPerType int) (unixAddrs, httpAddrs, httpsAddrs []string) {
|
||||||
if len(c.HTTPSAddrs) > 0 {
|
if len(c.HTTPSAddrs) > 0 {
|
||||||
for i, addr := range c.HTTPSAddrs {
|
for i, addr := range c.HTTPSAddrs {
|
||||||
if i < maxPerType {
|
if maxPerType < 1 || i < maxPerType {
|
||||||
httpsAddrs = append(httpsAddrs, addr.String())
|
httpsAddrs = append(httpsAddrs, addr.String())
|
||||||
} else {
|
} else {
|
||||||
break
|
break
|
||||||
|
@ -1206,12 +1206,12 @@ func (c *RuntimeConfig) apiAddresses(maxPerType int) (unixAddrs, httpAddrs, http
|
||||||
for _, addr := range c.HTTPAddrs {
|
for _, addr := range c.HTTPAddrs {
|
||||||
switch addr.(type) {
|
switch addr.(type) {
|
||||||
case *net.UnixAddr:
|
case *net.UnixAddr:
|
||||||
if unix_count < maxPerType {
|
if maxPerType < 1 || unix_count < maxPerType {
|
||||||
unixAddrs = append(unixAddrs, addr.String())
|
unixAddrs = append(unixAddrs, addr.String())
|
||||||
unix_count += 1
|
unix_count += 1
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
if http_count < maxPerType {
|
if maxPerType < 1 || http_count < maxPerType {
|
||||||
httpAddrs = append(httpAddrs, addr.String())
|
httpAddrs = append(httpAddrs, addr.String())
|
||||||
http_count += 1
|
http_count += 1
|
||||||
}
|
}
|
||||||
|
@ -1222,28 +1222,95 @@ func (c *RuntimeConfig) apiAddresses(maxPerType int) (unixAddrs, httpAddrs, http
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *RuntimeConfig) ClientAddress() (unixAddr, httpAddr, httpsAddr string) {
|
||||||
|
unixAddrs, httpAddrs, httpsAddrs := c.apiAddresses(0)
|
||||||
|
|
||||||
|
if len(unixAddrs) > 0 {
|
||||||
|
unixAddr = "unix://" + unixAddrs[0]
|
||||||
|
}
|
||||||
|
|
||||||
|
http_any := ""
|
||||||
|
if len(httpAddrs) > 0 {
|
||||||
|
for _, addr := range httpAddrs {
|
||||||
|
host, port, err := net.SplitHostPort(addr)
|
||||||
|
if err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
if host == "0.0.0.0" || host == "::" {
|
||||||
|
if http_any == "" {
|
||||||
|
if host == "0.0.0.0" {
|
||||||
|
http_any = net.JoinHostPort("127.0.0.1", port)
|
||||||
|
} else {
|
||||||
|
http_any = net.JoinHostPort("::1", port)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
httpAddr = addr
|
||||||
|
break
|
||||||
|
}
|
||||||
|
|
||||||
|
if httpAddr == "" && http_any != "" {
|
||||||
|
httpAddr = http_any
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
https_any := ""
|
||||||
|
if len(httpsAddrs) > 0 {
|
||||||
|
for _, addr := range httpsAddrs {
|
||||||
|
host, port, err := net.SplitHostPort(addr)
|
||||||
|
if err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
if host == "0.0.0.0" || host == "::" {
|
||||||
|
if https_any == "" {
|
||||||
|
if host == "0.0.0.0" {
|
||||||
|
https_any = net.JoinHostPort("127.0.0.1", port)
|
||||||
|
} else {
|
||||||
|
https_any = net.JoinHostPort("::1", port)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
httpsAddr = addr
|
||||||
|
break
|
||||||
|
}
|
||||||
|
|
||||||
|
if httpsAddr == "" && https_any != "" {
|
||||||
|
httpsAddr = https_any
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
func (c *RuntimeConfig) APIConfig(includeClientCerts bool) (*api.Config, error) {
|
func (c *RuntimeConfig) APIConfig(includeClientCerts bool) (*api.Config, error) {
|
||||||
cfg := &api.Config{
|
cfg := &api.Config{
|
||||||
Datacenter: c.Datacenter,
|
Datacenter: c.Datacenter,
|
||||||
TLSConfig: api.TLSConfig{InsecureSkipVerify: !c.VerifyOutgoing},
|
TLSConfig: api.TLSConfig{InsecureSkipVerify: !c.VerifyOutgoing},
|
||||||
}
|
}
|
||||||
|
|
||||||
unixAddrs, httpAddrs, httpsAddrs := c.apiAddresses(1)
|
unixAddr, httpAddr, httpsAddr := c.ClientAddress()
|
||||||
|
|
||||||
if len(httpsAddrs) > 0 {
|
if httpsAddr != "" {
|
||||||
cfg.Address = httpsAddrs[0]
|
cfg.Address = httpsAddr
|
||||||
cfg.Scheme = "https"
|
cfg.Scheme = "https"
|
||||||
cfg.TLSConfig.CAFile = c.CAFile
|
cfg.TLSConfig.CAFile = c.CAFile
|
||||||
cfg.TLSConfig.CAPath = c.CAPath
|
cfg.TLSConfig.CAPath = c.CAPath
|
||||||
|
cfg.TLSConfig.Address = httpsAddr
|
||||||
if includeClientCerts {
|
if includeClientCerts {
|
||||||
cfg.TLSConfig.CertFile = c.CertFile
|
cfg.TLSConfig.CertFile = c.CertFile
|
||||||
cfg.TLSConfig.KeyFile = c.KeyFile
|
cfg.TLSConfig.KeyFile = c.KeyFile
|
||||||
}
|
}
|
||||||
} else if len(httpAddrs) > 0 {
|
} else if httpAddr != "" {
|
||||||
cfg.Address = httpAddrs[0]
|
cfg.Address = httpAddr
|
||||||
cfg.Scheme = "http"
|
cfg.Scheme = "http"
|
||||||
} else if len(unixAddrs) > 0 {
|
} else if unixAddr != "" {
|
||||||
cfg.Address = "unix://" + unixAddrs[0]
|
cfg.Address = unixAddr
|
||||||
// this should be ignored - however we are still talking http over a unix socket
|
// this should be ignored - however we are still talking http over a unix socket
|
||||||
// so it makes sense to set it like this
|
// so it makes sense to set it like this
|
||||||
cfg.Scheme = "http"
|
cfg.Scheme = "http"
|
||||||
|
|
|
@ -4608,6 +4608,100 @@ func TestRuntime_APIConfigUNIX(t *testing.T) {
|
||||||
require.Equal(t, "", cfg.TLSConfig.KeyFile)
|
require.Equal(t, "", cfg.TLSConfig.KeyFile)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestRuntime_APIConfigANYAddrV4(t *testing.T) {
|
||||||
|
rt := RuntimeConfig{
|
||||||
|
HTTPAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("0.0.0.0"), Port: 5678},
|
||||||
|
},
|
||||||
|
Datacenter: "dc-test",
|
||||||
|
}
|
||||||
|
|
||||||
|
cfg, err := rt.APIConfig(false)
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.Equal(t, rt.Datacenter, cfg.Datacenter)
|
||||||
|
require.Equal(t, "127.0.0.1:5678", cfg.Address)
|
||||||
|
require.Equal(t, "http", cfg.Scheme)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CAFile)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CAPath)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CertFile)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.KeyFile)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRuntime_APIConfigANYAddrV6(t *testing.T) {
|
||||||
|
rt := RuntimeConfig{
|
||||||
|
HTTPAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("::"), Port: 5678},
|
||||||
|
},
|
||||||
|
Datacenter: "dc-test",
|
||||||
|
}
|
||||||
|
|
||||||
|
cfg, err := rt.APIConfig(false)
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.Equal(t, rt.Datacenter, cfg.Datacenter)
|
||||||
|
require.Equal(t, "[::1]:5678", cfg.Address)
|
||||||
|
require.Equal(t, "http", cfg.Scheme)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CAFile)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CAPath)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.CertFile)
|
||||||
|
require.Equal(t, "", cfg.TLSConfig.KeyFile)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRuntime_ClientAddress(t *testing.T) {
|
||||||
|
rt := RuntimeConfig{
|
||||||
|
HTTPAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("::"), Port: 5678},
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("198.18.0.1"), Port: 5679},
|
||||||
|
&net.UnixAddr{Name: "/var/run/foo", Net: "unix"},
|
||||||
|
},
|
||||||
|
HTTPSAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("::"), Port: 5688},
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("198.18.0.1"), Port: 5689},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
unix, http, https := rt.ClientAddress()
|
||||||
|
|
||||||
|
require.Equal(t, "unix:///var/run/foo", unix)
|
||||||
|
require.Equal(t, "198.18.0.1:5679", http)
|
||||||
|
require.Equal(t, "198.18.0.1:5689", https)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRuntime_ClientAddressAnyV4(t *testing.T) {
|
||||||
|
rt := RuntimeConfig{
|
||||||
|
HTTPAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("0.0.0.0"), Port: 5678},
|
||||||
|
&net.UnixAddr{Name: "/var/run/foo", Net: "unix"},
|
||||||
|
},
|
||||||
|
HTTPSAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("0.0.0.0"), Port: 5688},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
unix, http, https := rt.ClientAddress()
|
||||||
|
|
||||||
|
require.Equal(t, "unix:///var/run/foo", unix)
|
||||||
|
require.Equal(t, "127.0.0.1:5678", http)
|
||||||
|
require.Equal(t, "127.0.0.1:5688", https)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRuntime_ClientAddressAnyV6(t *testing.T) {
|
||||||
|
rt := RuntimeConfig{
|
||||||
|
HTTPAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("::"), Port: 5678},
|
||||||
|
&net.UnixAddr{Name: "/var/run/foo", Net: "unix"},
|
||||||
|
},
|
||||||
|
HTTPSAddrs: []net.Addr{
|
||||||
|
&net.TCPAddr{IP: net.ParseIP("::"), Port: 5688},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
unix, http, https := rt.ClientAddress()
|
||||||
|
|
||||||
|
require.Equal(t, "unix:///var/run/foo", unix)
|
||||||
|
require.Equal(t, "[::1]:5678", http)
|
||||||
|
require.Equal(t, "[::1]:5688", https)
|
||||||
|
}
|
||||||
|
|
||||||
func splitIPPort(hostport string) (net.IP, int) {
|
func splitIPPort(hostport string) (net.IP, int) {
|
||||||
h, p, err := net.SplitHostPort(hostport)
|
h, p, err := net.SplitHostPort(hostport)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in New Issue