换成单集群模式
This commit is contained in:
robin
@@ -31,6 +31,7 @@ import (
|
||||
"os"
|
||||
"os/exec"
|
||||
"os/signal"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"runtime/debug"
|
||||
"syscall"
|
||||
@@ -328,6 +329,13 @@ func (this *DNSNode) start() {
|
||||
apiConfig.NumberId = config.Id
|
||||
}
|
||||
|
||||
// 验证 NodeId 防止路径遍历
|
||||
var nodeIdRegexp = regexp.MustCompile(`^[a-zA-Z0-9_\-]+$`)
|
||||
if !nodeIdRegexp.MatchString(config.NodeId) {
|
||||
remotelogs.Error("NODE", "invalid NodeId: contains illegal characters")
|
||||
return
|
||||
}
|
||||
|
||||
var db = dbs.NewDB(Tea.Root + "/data/data-" + types.String(config.Id) + "-" + config.NodeId + "-v0.1.0.db")
|
||||
err = db.Init()
|
||||
if err != nil {
|
||||
|
||||
@@ -247,6 +247,15 @@ func (this *Server) parseAction(questionName string, remoteAddr *string) (string
|
||||
return "", errors.New("decode question option failed: " + err.Error())
|
||||
} else {
|
||||
var ip = m.GetString("ip")
|
||||
// 验证 IP 地址合法性,防止 IP 欺骗
|
||||
parsedIP := net.ParseIP(ip)
|
||||
if parsedIP == nil {
|
||||
return "", errors.New("invalid IP address in setRemoteAddr: " + ip)
|
||||
}
|
||||
// 拒绝回环地址和未指定地址
|
||||
if parsedIP.IsLoopback() || parsedIP.IsUnspecified() {
|
||||
return "", errors.New("disallowed IP address in setRemoteAddr: " + ip)
|
||||
}
|
||||
*remoteAddr = ip
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user