local.go raw

   1  package config
   2  
   3  import (
   4  	"fmt"
   5  	"net"
   6  	"net/url"
   7  )
   8  
   9  var lookupHostFn = net.LookupHost
  10  
  11  func isLoopbackHost(host string) (bool, error) {
  12  	ip := net.ParseIP(host)
  13  	if ip != nil {
  14  		return ip.IsLoopback(), nil
  15  	}
  16  
  17  	// Host is not an ip, perform lookup
  18  	addrs, err := lookupHostFn(host)
  19  	if err != nil {
  20  		return false, err
  21  	}
  22  	if len(addrs) == 0 {
  23  		return false, fmt.Errorf("no addrs found for host, %s", host)
  24  	}
  25  
  26  	for _, addr := range addrs {
  27  		if !net.ParseIP(addr).IsLoopback() {
  28  			return false, nil
  29  		}
  30  	}
  31  
  32  	return true, nil
  33  }
  34  
  35  func validateLocalURL(v string) error {
  36  	u, err := url.Parse(v)
  37  	if err != nil {
  38  		return err
  39  	}
  40  
  41  	host := u.Hostname()
  42  	if len(host) == 0 {
  43  		return fmt.Errorf("unable to parse host from local HTTP cred provider URL")
  44  	} else if isLoopback, err := isLoopbackHost(host); err != nil {
  45  		return fmt.Errorf("failed to resolve host %q, %v", host, err)
  46  	} else if !isLoopback {
  47  		return fmt.Errorf("invalid endpoint host, %q, only host resolving to loopback addresses are allowed", host)
  48  	}
  49  
  50  	return nil
  51  }
  52