Merge pull request #11288 from estesp/warn-on-localhost-dns
Add warning for --dns flag set to localhost addresses.
This commit is contained in:
commit
c7bac5a484
1 changed files with 14 additions and 5 deletions
|
@ -23,8 +23,10 @@ var (
|
|||
// For readability and sufficiency for Docker purposes this seemed more reasonable than a
|
||||
// 1000+ character regexp with exact and complete IPv6 validation
|
||||
ipv6Address = `([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{0,4})`
|
||||
ipLocalhost = `((127\.([0-9]{1,3}.){2}[0-9]{1,3})|(::1))`
|
||||
|
||||
localhostRegexp = regexp.MustCompile(`(?m)^nameserver\s+((127\.([0-9]{1,3}.){2}[0-9]{1,3})|(::1))\s*\n*`)
|
||||
localhostIPRegexp = regexp.MustCompile(ipLocalhost)
|
||||
localhostNSRegexp = regexp.MustCompile(`(?m)^nameserver\s+` + ipLocalhost + `\s*\n*`)
|
||||
nsIPv6Regexp = regexp.MustCompile(`(?m)^nameserver\s+` + ipv6Address + `\s*\n*`)
|
||||
nsRegexp = regexp.MustCompile(`^\s*nameserver\s*((` + ipv4Address + `)|(` + ipv6Address + `))\s*$`)
|
||||
searchRegexp = regexp.MustCompile(`^\s*search\s*(([^\s]+\s*)*)$`)
|
||||
|
@ -87,7 +89,7 @@ func GetLastModified() ([]byte, string) {
|
|||
// It also returns a boolean to notify the caller if changes were made at all
|
||||
func FilterResolvDns(resolvConf []byte, ipv6Enabled bool) ([]byte, bool) {
|
||||
changed := false
|
||||
cleanedResolvConf := localhostRegexp.ReplaceAll(resolvConf, []byte{})
|
||||
cleanedResolvConf := localhostNSRegexp.ReplaceAll(resolvConf, []byte{})
|
||||
// if IPv6 is not enabled, also clean out any IPv6 address nameserver
|
||||
if !ipv6Enabled {
|
||||
cleanedResolvConf = nsIPv6Regexp.ReplaceAll(cleanedResolvConf, []byte{})
|
||||
|
@ -124,6 +126,13 @@ func getLines(input []byte, commentMarker []byte) [][]byte {
|
|||
return output
|
||||
}
|
||||
|
||||
// returns true if the IP string matches the localhost IP regular expression.
|
||||
// Used for determining if nameserver settings are being passed which are
|
||||
// localhost addresses
|
||||
func IsLocalhost(ip string) bool {
|
||||
return localhostIPRegexp.MatchString(ip)
|
||||
}
|
||||
|
||||
// GetNameservers returns nameservers (if any) listed in /etc/resolv.conf
|
||||
func GetNameservers(resolvConf []byte) []string {
|
||||
nameservers := []string{}
|
||||
|
|
Loading…
Reference in a new issue