fluidB
/
fluidb-old
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #1058 from rqlite/error-on-unroutable

Browse Source 
Terminate if any advertised address is unroutable
master
Philip O'Toole 2 years ago committed by GitHub
parent 7211e4d93b 9c38903bb4
commit 08af993b46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 7 deletions
Show Stats Download Patch File Download Diff File

5
CHANGELOG.md
Unescape Escape View File

@ -1,3 +1,8 @@
## 7.6.1 (unreleased)
### Implementation changes and bug fixes
- [PR #1058](https://github.com/rqlite/rqlite/pull/1058): `rqlited` terminates if passed unroutable advertised Raft or HTTP addresses.
## 7.6.0 (July 19th 2022)
### New features
- [PR #1055](https://github.com/rqlite/rqlite/pull/1055): Add new `join-read-only` permission.

32
cmd/rqlited/flags.go
Unescape Escape View File

@ -20,6 +20,11 @@ const (
DiscoModeEtcdKV = "etcd-kv"
DiscoModeDNS = "dns"
DiscoModeDNSSRV = "dns-srv"
HTTPAddrFlag = "http-addr"
HTTPAdvAddrFlag = "http-adv-addr"
RaftAddrFlag = "raft-addr"
RaftAdvAddrFlag = "raft-adv-addr"
)
// Config represents the configuration as set by command-line flags.
@ -223,15 +228,28 @@ func (c *Config) Validate() error {
if _, _, err := net.SplitHostPort(c.HTTPAddr); err != nil {
return errors.New("HTTP bind address not valid")
}
if _, _, err := net.SplitHostPort(c.HTTPAdv); err != nil {
return errors.New("HTTP advertised address not valid")
hadv, _, err := net.SplitHostPort(c.HTTPAdv)
if err != nil {
return errors.New("HTTP advertised HTTP address not valid")
}
if addr := net.ParseIP(hadv); addr != nil && addr.IsUnspecified() {
return fmt.Errorf("advertised HTTP address is not routable (%s), specify it via -%s or -%s",
hadv, HTTPAddrFlag, HTTPAdvAddrFlag)
}
if _, _, err := net.SplitHostPort(c.RaftAddr); err != nil {
return errors.New("raft bind address not valid")
}
if _, _, err := net.SplitHostPort(c.RaftAdv); err != nil {
radv, _, err := net.SplitHostPort(c.RaftAdv)
if err != nil {
return errors.New("raft advertised address not valid")
}
if addr := net.ParseIP(radv); addr != nil && addr.IsUnspecified() {
return fmt.Errorf("advertised Raft address is not routable (%s), specify it via -%s or -%s",
radv, RaftAddrFlag, RaftAdvAddrFlag)
}
// Enforce bootstrapping policies
if c.BootstrapExpect > 0 && c.RaftNonVoter {
@ -327,8 +345,8 @@ func ParseFlags(name, desc string, build *BuildInfo) (*Config, error) {
showVersion := false
flag.StringVar(&config.NodeID, "node-id", "", "Unique name for node. If not set, set to advertised Raft address")
flag.StringVar(&config.HTTPAddr, "http-addr", "localhost:4001", "HTTP server bind address. To enable HTTPS, set X.509 cert and key")
flag.StringVar(&config.HTTPAdv, "http-adv-addr", "", "Advertised HTTP address. If not set, same as HTTP server bind")
flag.StringVar(&config.HTTPAddr, HTTPAddrFlag, "localhost:4001", "HTTP server bind address. To enable HTTPS, set X.509 cert and key")
flag.StringVar(&config.HTTPAdv, HTTPAdvAddrFlag, "", "Advertised HTTP address. If not set, same as HTTP server bind")
flag.BoolVar(&config.TLS1011, "tls1011", false, "Support deprecated TLS versions 1.0 and 1.1")
flag.StringVar(&config.X509CACert, "http-ca-cert", "", "Path to root X.509 certificate for HTTP endpoint")
flag.StringVar(&config.X509Cert, "http-cert", "", "Path to X.509 certificate for HTTP endpoint")
@ -340,8 +358,8 @@ func ParseFlags(name, desc string, build *BuildInfo) (*Config, error) {
flag.StringVar(&config.NodeX509Key, "node-key", "key.pem", "Path to X.509 private key for node-to-node encryption")
flag.BoolVar(&config.NoNodeVerify, "node-no-verify", false, "Skip verification of a remote node cert")
flag.StringVar(&config.AuthFile, "auth", "", "Path to authentication and authorization file. If not set, not enabled")
flag.StringVar(&config.RaftAddr, "raft-addr", "localhost:4002", "Raft communication bind address")
flag.StringVar(&config.RaftAdv, "raft-adv-addr", "", "Advertised Raft communication address. If not set, same as Raft bind")
flag.StringVar(&config.RaftAddr, RaftAddrFlag, "localhost:4002", "Raft communication bind address")
flag.StringVar(&config.RaftAdv, RaftAdvAddrFlag, "", "Advertised Raft communication address. If not set, same as Raft bind")
flag.StringVar(&config.JoinSrcIP, "join-source-ip", "", "Set source IP address during Join request")
flag.StringVar(&config.JoinAddr, "join", "", "Comma-delimited list of nodes, through which a cluster can be joined (proto://host:port)")
flag.StringVar(&config.JoinAs, "join-as", "", "Username in authentication file to join as. If not set, joins anonymously")

Write Preview
Loading…
Cancel
Save