From 937102f8d158685fa890ed4e866d62e4f835aa0b Mon Sep 17 00:00:00 2001 From: Yanhong Yang Date: Thu, 1 Dec 2022 16:22:23 +0800 Subject: [PATCH] Format server URL in automatic (PXE) installation to allow server URL without port. Signed-off-by: Yanhong Yang --- pkg/console/install_panels.go | 8 ++++++++ pkg/console/util.go | 34 ++++++++++++++++++++++++++++++---- pkg/console/util_test.go | 28 +++++++++++++++++++++++----- 3 files changed, 61 insertions(+), 9 deletions(-) diff --git a/pkg/console/install_panels.go b/pkg/console/install_panels.go index 1cd3437fc..74527a26a 100644 --- a/pkg/console/install_panels.go +++ b/pkg/console/install_panels.go @@ -1687,6 +1687,14 @@ func addInstallPanel(c *Console) error { if c.config.TTY == "" { c.config.TTY = getFirstConsoleTTY() } + if c.config.ServerURL != "" { + formatted, err := getFormattedServerURL(c.config.ServerURL) + if err != nil { + printToPanel(c.Gui, fmt.Sprintf("server url invalid: %s", err), installPanel) + return + } + c.config.ServerURL = formatted + } // lookup MAC Address to populate device names where needed // lookup device name to populate MAC Address diff --git a/pkg/console/util.go b/pkg/console/util.go index 463df72d3..158ab0483 100644 --- a/pkg/console/util.go +++ b/pkg/console/util.go @@ -43,6 +43,7 @@ You can see the full installation log by: - Login with user "rancher" (password is "rancher"). - Run the command: less %s. ` + https = "https://" ) func newProxyClient() http.Client { @@ -277,12 +278,37 @@ func getRemoteSSHKeys(url string) ([]string, error) { } func getFormattedServerURL(addr string) (string, error) { - ipErr := checkIP(addr) - domainErr := checkDomain(addr) - if ipErr != nil && domainErr != nil { + if addr == "" { + return "", errors.New("management address cannot be empty") + } + addr = strings.TrimSpace(addr) + + realAddr := addr + if !strings.HasPrefix(addr, https) { + realAddr = https + addr + } + parsedUrl, err := url.ParseRequestURI(realAddr) + if err != nil { + return "", fmt.Errorf("%s is invalid", addr) + } + + host := parsedUrl.Hostname() + if checkIP(host) != nil && checkDomain(host) != nil { return "", fmt.Errorf("%s is not a valid ip/domain", addr) } - return fmt.Sprintf("https://%s:%s", addr, rancherManagementPort), nil + + if parsedUrl.Path != "" { + return "", fmt.Errorf("path is not allowed in management address: %s", parsedUrl.Path) + } + + port := parsedUrl.Port() + if port == "" { + parsedUrl.Host += ":443" + } else if port != "443" { + return "", fmt.Errorf("currently non-443 port are not allowed") + } + + return parsedUrl.String(), nil } func getServerURLFromRancherdConfig(data []byte) (string, error) { diff --git a/pkg/console/util_test.go b/pkg/console/util_test.go index d99800305..71256ec3b 100644 --- a/pkg/console/util_test.go +++ b/pkg/console/util_test.go @@ -80,16 +80,34 @@ func TestGetFormattedServerURL(t *testing.T) { err: nil, }, { - Name: "invalid ip", + Name: "ip without port and scheme", + input: "1.1.1.1", + output: "https://1.1.1.1:443", + err: nil, + }, + { + Name: "domain without port and scheme", + input: "abc.org", + output: "https://abc.org:443", + err: nil, + }, + { + Name: "custom port", + input: "1.2.3.4:555", + output: "", + err: errors.New("currently non-443 port are not allowed"), + }, + { + Name: "ip with path", input: "1.2.3.4/", output: "", - err: errors.New("1.2.3.4/ is not a valid ip/domain"), + err: errors.New("path is not allowed in management address: /"), }, { - Name: "invalid domain", - input: "example.org/", + Name: "domain with path", + input: "abc.org/test/abc", output: "", - err: errors.New("example.org/ is not a valid ip/domain"), + err: errors.New("path is not allowed in management address: /test/abc"), }, } for _, testCase := range testCases {