mirror of https://github.com/oxen-io/lokinet
proper handling of public ips
parent
eb4ecf92ba
commit
f96b46214f
@ -0,0 +1,102 @@
|
||||
From: Jeff Becker <jeff@lokinet.io>
|
||||
Date: Wed, 26 Oct 2022 14:03:30 -0400
|
||||
Subject: proper handling of public ips
|
||||
|
||||
in service node mode make sure that when overriding public ip we only
|
||||
fail when using 2 different public ip.
|
||||
---
|
||||
llarp/router/router.cpp | 14 ++++++++++++--
|
||||
test/config/test_llarp_config_values.cpp | 27 ++++++++++++++++++++++++---
|
||||
2 files changed, 36 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/llarp/router/router.cpp b/llarp/router/router.cpp
|
||||
index 73e52bf..f11a57b 100644
|
||||
--- a/llarp/router/router.cpp
|
||||
+++ b/llarp/router/router.cpp
|
||||
@@ -1287,8 +1287,18 @@ namespace llarp
|
||||
// override ip and port as needed
|
||||
if (_ourAddress)
|
||||
{
|
||||
- if (not Net().IsBogon(ai.ip))
|
||||
- throw std::runtime_error{"cannot override public ip, it is already set"};
|
||||
+ const auto ai_ip = ai.IP();
|
||||
+ const auto override_ip = _ourAddress->getIP();
|
||||
+
|
||||
+ auto ai_ip_str = var::visit([](auto&& ip) { return ip.ToString(); }, ai_ip);
|
||||
+ auto override_ip_str = var::visit([](auto&& ip) { return ip.ToString(); }, override_ip);
|
||||
+
|
||||
+ if ((not Net().IsBogonIP(ai_ip)) and (not Net().IsBogonIP(override_ip))
|
||||
+ and ai_ip != override_ip)
|
||||
+ throw std::runtime_error{
|
||||
+ "Lokinet is bound to public IP '{}', but public-ip is set to '{}'. Either fix the "
|
||||
+ "[router]:public-ip setting or set a bind address in the [bind] section of the "
|
||||
+ "config."_format(ai_ip_str, override_ip_str)};
|
||||
ai.fromSockAddr(*_ourAddress);
|
||||
}
|
||||
if (RouterContact::BlockBogons && Net().IsBogon(ai.ip))
|
||||
diff --git a/test/config/test_llarp_config_values.cpp b/test/config/test_llarp_config_values.cpp
|
||||
index 242f5d1..8276cc5 100644
|
||||
--- a/test/config/test_llarp_config_values.cpp
|
||||
+++ b/test/config/test_llarp_config_values.cpp
|
||||
@@ -160,6 +160,26 @@ inbound=127.0.0.1:443
|
||||
)";
|
||||
REQUIRE_THROWS(make_config(env, ini_str));
|
||||
}
|
||||
+ SECTION("public ip provided but no bind section")
|
||||
+ {
|
||||
+ std::string_view ini_str = R"(
|
||||
+[router]
|
||||
+public-ip=1.1.1.1
|
||||
+public-port=443
|
||||
+)";
|
||||
+ REQUIRE_NOTHROW(run_config_test(env, ini_str));
|
||||
+ }
|
||||
+ SECTION("public ip provided with ip in bind section")
|
||||
+ {
|
||||
+ std::string_view ini_str = R"(
|
||||
+[router]
|
||||
+public-ip=1.1.1.1
|
||||
+public-port=443
|
||||
+[bind]
|
||||
+1.1.1.1=443
|
||||
+)";
|
||||
+ REQUIRE_NOTHROW(run_config_test(env, ini_str));
|
||||
+ }
|
||||
}
|
||||
|
||||
TEST_CASE("service node bind section on nat network", "[config]")
|
||||
@@ -212,6 +232,7 @@ inbound=0.0.0.0:443
|
||||
)";
|
||||
REQUIRE_THROWS(run_config_test(env, ini_str));
|
||||
}
|
||||
+
|
||||
}
|
||||
|
||||
TEST_CASE("service node bind section with multiple public ip", "[config]")
|
||||
@@ -226,7 +247,7 @@ TEST_CASE("service node bind section with multiple public ip", "[config]")
|
||||
std::string_view ini_str = "";
|
||||
REQUIRE_NOTHROW(run_config_test(env, ini_str));
|
||||
}
|
||||
- SECTION("with old style wildcard for inbound and no public ip")
|
||||
+ SECTION("with old style wildcard for inbound and no public ip, fails")
|
||||
{
|
||||
std::string_view ini_str = R"(
|
||||
[bind]
|
||||
@@ -261,7 +282,7 @@ public-port=443
|
||||
inbound=0.0.0.0:443
|
||||
)";
|
||||
|
||||
- REQUIRE_THROWS(run_config_test(env, ini_str));
|
||||
+ REQUIRE_NOTHROW(run_config_test(env, ini_str));
|
||||
}
|
||||
SECTION("with wildcard via inbound directive secondary public ip given")
|
||||
{
|
||||
@@ -273,7 +294,7 @@ public-port=443
|
||||
inbound=0.0.0.0:443
|
||||
)";
|
||||
|
||||
- REQUIRE_THROWS(run_config_test(env, ini_str));
|
||||
+ REQUIRE_NOTHROW(run_config_test(env, ini_str));
|
||||
}
|
||||
SECTION("with bind via interface name")
|
||||
{
|
@ -0,0 +1 @@
|
||||
0001-proper-handling-of-public-ips.patch
|
Loading…
Reference in New Issue