From e42c6ab5201555143fda725114e3ff0057058c82 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Wed, 20 May 2015 20:06:30 -0600 Subject: [PATCH] Notice displayed if non-localhost hosts resolve to loopback --- main.go | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index 82509461..07e8f671 100644 --- a/main.go +++ b/main.go @@ -71,7 +71,7 @@ func main() { // Start each server with its one or more configurations for addr, configs := range addresses { - s, err := server.New(addr, configs, configs[0].TLS.Enabled) + s, err := server.New(addr.String(), configs, configs[0].TLS.Enabled) if err != nil { log.Fatal(err) } @@ -89,12 +89,25 @@ func main() { for _, config := range configs { fmt.Println(config.Address()) } + + for addr, configs := range addresses { + for _, conf := range configs { + if addr.IP.IsLoopback() && !isLocalhost(conf.Host) { + fmt.Printf("Notice: %s is only accessible on this machine (%s)\n", + conf.Host, addr.IP.String()) + } + } + } } } wg.Wait() } +func isLocalhost(s string) bool { + return s == "localhost" || s == "::1" || strings.HasPrefix(s, "127.") +} + // loadConfigs loads configuration from a file or stdin (piped). // Configuration is obtained from one of three sources, tried // in this order: 1. -conf flag, 2. stdin, 3. Caddyfile. @@ -146,8 +159,8 @@ func loadConfigs() ([]server.Config, error) { // be grouped into the same address: 127.0.0.1. It will return an error // if the address lookup fails or if a TLS listener is configured on the // same address as a plaintext HTTP listener. -func arrangeBindings(allConfigs []server.Config) (map[string][]server.Config, error) { - addresses := make(map[string][]server.Config) +func arrangeBindings(allConfigs []server.Config) (map[*net.TCPAddr][]server.Config, error) { + addresses := make(map[*net.TCPAddr][]server.Config) // Group configs by bind address for _, conf := range allConfigs { @@ -155,7 +168,7 @@ func arrangeBindings(allConfigs []server.Config) (map[string][]server.Config, er if err != nil { return addresses, errors.New("Could not serve " + conf.Address() + " - " + err.Error()) } - addresses[addr.String()] = append(addresses[addr.String()], conf) + addresses[addr] = append(addresses[addr], conf) } // Don't allow HTTP and HTTPS to be served on the same address