vault: validate advertise addr is valid URL [GH-106]

2015-05-02 13:28:33 -07:00 · 2015-05-02 13:28:33 -07:00 · 727e0e90cd
parent 83af64dbd1
commit 727e0e90cd
3 changed files with 33 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -15,6 +15,7 @@ BUG FIXES:
  * core: if token helper isn't absolute, prepend with path to Vault
      executable, not "vault" (which requires PATH) [GH-60]
  * core: Any "mapping" routes allow hyphens in keys [GH-119]
+  * core: Validate `advertise_addr` is a valid URL with scheme [GH-106]
  * command/auth: Using an invalid token won't crash [GH-75]
  * credential/app-id: app and user IDs can have hyphens in keys [GH-119]
  * helper/password: import proper DLL for Windows to ask password [GH-83]
--- a/vault/core.go
+++ b/vault/core.go
@ -6,6 +6,7 @@ import (
 	"errors"
 	"fmt"
 	"log"
+	"net/url"
 	"os"
 	"strings"
 	"sync"
@ -215,6 +216,18 @@ func NewCore(conf *CoreConfig) (*Core, error) {
 		return nil, fmt.Errorf("missing advertisement address")
 	}

+	// Validate the advertise addr if its given to us
+	if conf.AdvertiseAddr != "" {
+		u, err := url.Parse(conf.AdvertiseAddr)
+		if err != nil {
+			return nil, fmt.Errorf("advertisement address is not valid url: %s", err)
+		}
+
+		if u.Scheme == "" {
+			return nil, fmt.Errorf("advertisement address must include scheme (ex. 'http')")
+		}
+	}
+
 	// Wrap the backend in a cache unless disabled
 	if !conf.DisableCache {
 		_, isCache := conf.Physical.(*physical.Cache)
--- a/vault/core_test.go
+++ b/vault/core_test.go
@ -15,6 +15,18 @@ var (
 	invalidKey = []byte("abcdefghijklmnopqrstuvwxyz")[:17]
 )

+func TestNewCore_badAdvertiseAddr(t *testing.T) {
+	conf := &CoreConfig{
+		AdvertiseAddr: "127.0.0.1:8200",
+		Physical:      physical.NewInmem(),
+		DisableMlock:  true,
+	}
+	_, err := NewCore(conf)
+	if err == nil {
+		t.Fatal("should error")
+	}
+}
+
 func TestCore_Init(t *testing.T) {
 	inm := physical.NewInmem()
 	conf := &CoreConfig{
@ -1026,9 +1038,10 @@ func TestCore_LimitedUseToken(t *testing.T) {
 func TestCore_Standby(t *testing.T) {
 	// Create the first core and initialize it
 	inm := physical.NewInmemHA()
+	advertiseOriginal := "http://127.0.0.1:8200"
 	core, err := NewCore(&CoreConfig{
 		Physical:      inm,
-		AdvertiseAddr: "foo",
+		AdvertiseAddr: advertiseOriginal,
 		DisableMlock:  true,
 	})
 	if err != nil {
@ -1086,14 +1099,15 @@ func TestCore_Standby(t *testing.T) {
 	if !isLeader {
 		t.Fatalf("should be leader")
 	}
-	if advertise != "foo" {
+	if advertise != advertiseOriginal {
 		t.Fatalf("Bad advertise: %v", advertise)
 	}

 	// Create a second core, attached to same in-memory store
+	advertiseOriginal2 := "http://127.0.0.1:8500"
 	core2, err := NewCore(&CoreConfig{
 		Physical:      inm,
-		AdvertiseAddr: "bar",
+		AdvertiseAddr: advertiseOriginal2,
 		DisableMlock:  true,
 	})
 	if err != nil {
@ -1135,7 +1149,7 @@ func TestCore_Standby(t *testing.T) {
 	if isLeader {
 		t.Fatalf("should not be leader")
 	}
-	if advertise != "foo" {
+	if advertise != advertiseOriginal {
 		t.Fatalf("Bad advertise: %v", advertise)
 	}

@ -1193,7 +1207,7 @@ func TestCore_Standby(t *testing.T) {
 	if !isLeader {
 		t.Fatalf("should be leader")
 	}
-	if advertise != "bar" {
+	if advertise != advertiseOriginal2 {
 		t.Fatalf("Bad advertise: %v", advertise)
 	}
 }