Support hostname:port to pass host matcher's check (#19543) (#19544)

Backport #19543 
hostmatcher: split the hostname from the hostname:port string, use the correct hostname to do the match.
This commit is contained in:
wxiaoguang 2022-04-29 01:41:58 +08:00 committed by GitHub
parent 74602bb487
commit b86606fa38
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 2 deletions

View file

@ -127,13 +127,18 @@ func (hl *HostMatchList) checkIP(ip net.IP) bool {
// MatchHostName checks if the host matches an allow/deny(block) list // MatchHostName checks if the host matches an allow/deny(block) list
func (hl *HostMatchList) MatchHostName(host string) bool { func (hl *HostMatchList) MatchHostName(host string) bool {
hostname, _, err := net.SplitHostPort(host)
if err != nil {
hostname = host
}
if hl == nil { if hl == nil {
return false return false
} }
if hl.checkPattern(host) { if hl.checkPattern(hostname) {
return true return true
} }
if ip := net.ParseIP(host); ip != nil { if ip := net.ParseIP(hostname); ip != nil {
return hl.checkIP(ip) return hl.checkIP(ip)
} }
return false return false

View file

@ -38,6 +38,7 @@ func TestHostOrIPMatchesList(t *testing.T) {
{"", net.ParseIP("10.0.1.1"), true}, {"", net.ParseIP("10.0.1.1"), true},
{"10.0.1.1", nil, true}, {"10.0.1.1", nil, true},
{"10.0.1.1:8080", nil, true},
{"", net.ParseIP("192.168.1.1"), true}, {"", net.ParseIP("192.168.1.1"), true},
{"192.168.1.1", nil, true}, {"192.168.1.1", nil, true},
{"", net.ParseIP("fd00::1"), true}, {"", net.ParseIP("fd00::1"), true},
@ -48,6 +49,7 @@ func TestHostOrIPMatchesList(t *testing.T) {
{"mydomain.com", net.IPv4zero, false}, {"mydomain.com", net.IPv4zero, false},
{"sub.mydomain.com", net.IPv4zero, true}, {"sub.mydomain.com", net.IPv4zero, true},
{"sub.mydomain.com:8080", net.IPv4zero, true},
{"", net.ParseIP("169.254.1.1"), true}, {"", net.ParseIP("169.254.1.1"), true},
{"169.254.1.1", nil, true}, {"169.254.1.1", nil, true},