Go to file
hc-github-team-consul-core 6a5244bf9c
Backport of [NET-4897] net/http host header is now verified and request.host that contains socked now error into release/1.16.x (#18145)
* no-op commit due to failed cherry-picking

* [NET-4897] net/http host header is now verified and request.host that contains socked now error (#18129)

### Description

This is related to https://github.com/hashicorp/consul/pull/18124 where
we pinned the go versions in CI to 1.20.5 and 1.19.10.

go 1.20.6 and 1.19.11 now validate request host headers for validity,
including the hostname cannot be prefixed with slashes.

For local communications (npipe://, unix://), the hostname is not used,
but we need valid and meaningful hostname. Prior versions go Go would
clean the host header, and strip slashes in the process, but go1.20.6
and go1.19.11 no longer do, and reject the host header. Around the
community we are seeing that others are intercepting the req.host and if
it starts with a slash or ends with .sock, they changing the host to
localhost or another dummy value.

[client: define a "dummy" hostname to use for local connections by
thaJeztah · Pull Request #45942 ·
moby/moby](https://github.com/moby/moby/pull/45942)

### Testing & Reproduction steps

Check CI tests.

### Links
* [ ] updated test coverage
* [ ] external facing docs updated
* [ ] appropriate backport labels added
* [ ] not a security concern

---------

Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
2023-07-17 11:44:56 -06:00
.changelog Backport of Displays Consul version of each nodes in UI nodes section into release/1.16.x (#18113) 2023-07-17 17:27:50 +00:00
.github Backport of [NET-4897] net/http host header is now verified and request.host that contains socked now error into release/1.16.x (#18145) 2023-07-17 11:44:56 -06:00
.release Resolves issue-16844 - systemd notify by default (#16845) 2023-06-02 10:04:48 -07:00
acl server: wire up in-process Resource Service (#16978) 2023-04-18 10:03:23 +01:00
agent Backport of Displays Consul version of each nodes in UI nodes section into release/1.16.x (#18113) 2023-07-17 17:27:50 +00:00
api Backport of [NET-4897] net/http host header is now verified and request.host that contains socked now error into release/1.16.x (#18145) 2023-07-17 11:44:56 -06:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support Backport of Reference hashicorp/consul instead of consul for Docker image into release/1.16.x (#17920) 2023-06-28 00:06:28 +00:00
command Backport of [OSS] Fix initial_fetch_timeout to wait for all xDS resources into release/1.16.x (#18065) 2023-07-10 21:27:56 +00:00
connect Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs docs: first pass at a resource/controller developer guide (#17395) 2023-05-24 15:49:32 +01:00
envoyextensions backport of commit 6fc8624ccfb8eb0318726d5ed81546481f250cbc (#17632) 2023-06-09 02:50:07 +00:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal backport of commit f2e26c36eced387f8b5396e5969f37c8d4b6493c (#17870) 2023-06-26 12:40:50 +00:00
ipaddr Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
lib hoststats: add package for collecting host statistics including cpu memory and disk usage (#17038) 2023-05-30 18:43:29 +00:00
logging Controller Supervision (#17016) 2023-04-25 12:52:35 +01:00
proto Expose JWKS cluster config through JWTProviderConfigEntry (#17978) (#18002) 2023-07-04 09:53:12 -04:00
proto-public Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
sdk Backport of Displays Consul version of each nodes in UI nodes section into release/1.16.x (#18113) 2023-07-17 17:27:50 +00:00
sentinel Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
service_os Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
snapshot snapshot: some improvments to the snapshot process (#17236) 2023-05-09 15:28:52 -04:00
test Backport of Use JWT-auth filter in metadata mode & Delegate validation to RBAC filter into release/1.16.x (#18153) 2023-07-17 15:50:21 +00:00
testrpc Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
tlsutil update tests for fips (#17592) 2023-06-07 10:57:56 -05:00
tools/internal-grpc-proxy Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
troubleshoot Update troubleshoot submodule dependencies 2023-06-08 16:48:05 -04:00
types Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
ui Backport of Displays Consul version of each nodes in UI nodes section into release/1.16.x (#18113) 2023-07-17 17:27:50 +00:00
version Update VERSION to reflect next patch release (#17913) 2023-07-10 21:31:39 +00:00
website Backport of Change docs to say 168h instead of 7d for server_rejoin_age_max into release/1.16.x (#18156) 2023-07-17 17:12:38 +00:00
.copywrite.hcl Remove UI brand-loader copyright headers as they do not render appropriately (#16835) 2023-03-31 11:29:19 -04:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes Initial commit 2013-11-04 14:15:27 -08:00
.gitignore Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
.golangci.yml Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
CHANGELOG.md Backport of Add changelog entry for 1.16.0 into release/1.16.x (#17989) 2023-06-30 17:01:41 -04:00
Dockerfile Backport of Bump Alpine to 3.18 into release/1.16.x (#17725) 2023-06-14 01:17:02 +00:00
GNUmakefile Backport of Reference hashicorp/consul instead of consul for Docker image into release/1.16.x (#17920) 2023-06-28 00:06:28 +00:00
LICENSE [COMPLIANCE] Update MPL-2.0 LICENSE (#14964) 2022-11-09 12:24:14 -06:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
buf.work.yaml Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
fixup_acl_move.sh Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
go.mod backport of commit 9bb7499d3c6a9b8271ccc050bdf863ac8955acc5 (#17934) 2023-06-28 09:31:36 -07:00
go.sum backport of commit 9bb7499d3c6a9b8271ccc050bdf863ac8955acc5 (#17934) 2023-06-28 09:31:36 -07:00
main.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.