mirror of
https://github.com/yusing/godoxy.git
synced 2025-05-21 04:52:35 +02:00
77 lines
1.6 KiB
Go
77 lines
1.6 KiB
Go
package env
|
|
|
|
import (
|
|
"log"
|
|
"net"
|
|
"os"
|
|
"strings"
|
|
"sync"
|
|
|
|
"github.com/yusing/go-proxy/internal/common"
|
|
)
|
|
|
|
func DefaultAgentName() string {
|
|
name, err := os.Hostname()
|
|
if err != nil {
|
|
return "agent"
|
|
}
|
|
return name
|
|
}
|
|
|
|
var (
|
|
AgentName = common.GetEnvString("AGENT_NAME", DefaultAgentName())
|
|
AgentPort = common.GetEnvInt("AGENT_PORT", 8890)
|
|
AgentRegistrationPort = common.GetEnvInt("AGENT_REGISTRATION_PORT", 8891)
|
|
AgentSkipClientCertCheck = common.GetEnvBool("AGENT_SKIP_CLIENT_CERT_CHECK", false)
|
|
|
|
RegistrationAllowedHosts = common.GetCommaSepEnv("REGISTRATION_ALLOWED_HOSTS", "")
|
|
RegistrationAllowedCIDRs []*net.IPNet
|
|
)
|
|
|
|
func init() {
|
|
cidrs, err := toCIDRs(RegistrationAllowedHosts)
|
|
if err != nil {
|
|
log.Fatalf("failed to parse allowed hosts: %v", err)
|
|
}
|
|
RegistrationAllowedCIDRs = cidrs
|
|
}
|
|
|
|
func toCIDRs(hosts []string) ([]*net.IPNet, error) {
|
|
cidrs := make([]*net.IPNet, 0, len(hosts))
|
|
for _, host := range hosts {
|
|
if !strings.Contains(host, "/") {
|
|
host += "/32"
|
|
}
|
|
_, cidr, err := net.ParseCIDR(host)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
cidrs = append(cidrs, cidr)
|
|
}
|
|
return cidrs, nil
|
|
}
|
|
|
|
var warnOnce sync.Once
|
|
|
|
func IsAllowedHost(remoteAddr string) bool {
|
|
if len(RegistrationAllowedCIDRs) == 0 {
|
|
warnOnce.Do(func() {
|
|
log.Println("Warning: REGISTRATION_ALLOWED_HOSTS is empty, allowing all hosts")
|
|
})
|
|
return true
|
|
}
|
|
ip, _, err := net.SplitHostPort(remoteAddr)
|
|
if err != nil {
|
|
ip = remoteAddr
|
|
}
|
|
netIP := net.ParseIP(ip)
|
|
if netIP == nil {
|
|
return false
|
|
}
|
|
for _, cidr := range RegistrationAllowedCIDRs {
|
|
if cidr.Contains(netIP) {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|