1 package config
2
3 import (
4 "fmt"
5 "net"
6 "net/url"
7 )
8
9 var lookupHostFn = net.LookupHost
10
11 func isLoopbackHost(host string) (bool, error) {
12 ip := net.ParseIP(host)
13 if ip != nil {
14 return ip.IsLoopback(), nil
15 }
16
17
18 addrs, err := lookupHostFn(host)
19 if err != nil {
20 return false, err
21 }
22 if len(addrs) == 0 {
23 return false, fmt.Errorf("no addrs found for host, %s", host)
24 }
25
26 for _, addr := range addrs {
27 if !net.ParseIP(addr).IsLoopback() {
28 return false, nil
29 }
30 }
31
32 return true, nil
33 }
34
35 func validateLocalURL(v string) error {
36 u, err := url.Parse(v)
37 if err != nil {
38 return err
39 }
40
41 host := u.Hostname()
42 if len(host) == 0 {
43 return fmt.Errorf("unable to parse host from local HTTP cred provider URL")
44 } else if isLoopback, err := isLoopbackHost(host); err != nil {
45 return fmt.Errorf("failed to resolve host %q, %v", host, err)
46 } else if !isLoopback {
47 return fmt.Errorf("invalid endpoint host, %q, only host resolving to loopback addresses are allowed", host)
48 }
49
50 return nil
51 }
52
View as plain text