sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-21 01:36:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

clean up proxy reported urls when using them for validation

Browse Source
This commit is contained in:
Alisdair MacLeod
2026-02-02 15:59:24 +00:00
parent a73ee47557
commit 3168afbfcb
1 changed files with 30 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
management/internals/modules/reverseproxy/domain/manager.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"fmt" "fmt"
"net" "net"
"net/url"
"github.com/netbirdio/netbird/management/server/types" "github.com/netbirdio/netbird/management/server/types"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
@@ -102,11 +103,7 @@ func (m Manager) CreateDomain(ctx context.Context, accountID, domainName string)
// because the user may not yet have configured their DNS records, or the DNS update // because the user may not yet have configured their DNS records, or the DNS update
// has not yet reached the servers that are queried by the validation resolver. // has not yet reached the servers that are queried by the validation resolver.
var validated bool var validated bool
var reverseProxyAddresses []string if m.validator.IsValid(ctx, domainName, m.proxyURLAllowList()) {
if m.proxyURLProvider != nil {
reverseProxyAddresses = m.proxyURLProvider.GetConnectedProxyURLs()
}
if m.validator.IsValid(ctx, domainName, reverseProxyAddresses) {
validated = true validated = true
} }
@@ -135,11 +132,8 @@ func (m Manager) ValidateDomain(accountID, domainID string) {
}).WithError(err).Error("get custom domain from store") }).WithError(err).Error("get custom domain from store")
return return
} }
var reverseProxyAddresses []string
if m.proxyURLProvider != nil { if m.validator.IsValid(context.Background(), d.Domain, m.proxyURLAllowList()) {
reverseProxyAddresses = m.proxyURLProvider.GetConnectedProxyURLs()
}
if m.validator.IsValid(context.Background(), d.Domain, reverseProxyAddresses) {
log.WithFields(log.Fields{ log.WithFields(log.Fields{
"accountID": accountID, "accountID": accountID,
"domainID": domainID, "domainID": domainID,
@@ -156,3 +150,29 @@ func (m Manager) ValidateDomain(accountID, domainID string) {
} }
} }
} }
// proxyURLAllowList retrieves a list of currently connected proxies and
// their URLs (as reported by the proxy servers). It performs some clean
// up on those URLs to attempt to retrieve domain names as we would
// expect to see them in a validation check.
func (m Manager) proxyURLAllowList() []string {
var reverseProxyAddresses []string
if m.proxyURLProvider != nil {
reverseProxyAddresses = m.proxyURLProvider.GetConnectedProxyURLs()
}
var allowedProxyURLs []string
for _, addr := range reverseProxyAddresses {
proxyUrl, err := url.Parse(addr)
if err != nil {
// TODO: log?
continue
}
host, _, err := net.SplitHostPort(proxyUrl.Host)
if err != nil {
// TODO: log?
host = proxyUrl.Host
}
allowedProxyURLs = append(allowedProxyURLs, host)
}
return allowedProxyURLs
}