From d55d50b3b3a9a8e842bb25e1ee8468587cd346f4 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Thu, 17 Sep 2020 04:48:37 +0300 Subject: [PATCH] reverseproxy: Enforce port range size of 1 at provision (#3695) * reverse_proxy: ensure upstream address has port range of only 1 * reverse_proxy: don't log the error if upstream range size is more than 1 --- modules/caddyhttp/reverseproxy/reverseproxy.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/caddyhttp/reverseproxy/reverseproxy.go b/modules/caddyhttp/reverseproxy/reverseproxy.go index d1aa49a7..910fbfc7 100644 --- a/modules/caddyhttp/reverseproxy/reverseproxy.go +++ b/modules/caddyhttp/reverseproxy/reverseproxy.go @@ -204,6 +204,13 @@ func (h *Handler) Provision(ctx caddy.Context) error { // set up upstreams for _, upstream := range h.Upstreams { + addr, err := caddy.ParseNetworkAddress(upstream.Dial) + if err != nil { + return err + } + if addr.PortRangeSize() != 1 { + return fmt.Errorf("multiple addresses (upstream must map to only one address): %v", addr) + } // create or get the host representation for this upstream var host Host = new(upstreamHost) existingHost, loaded := hosts.LoadOrStore(upstream.String(), host)