bugfix iplist validation

2020-08-25 02:34:55 -06:00 · 2020-08-25 02:34:55 -06:00 · 21a0892146
parent e47ecba665
commit 21a0892146
3 changed files with 23 additions and 6 deletions
--- a/cmd/telebit/telebit.go
+++ b/cmd/telebit/telebit.go
@ -639,11 +639,23 @@ func tryToServeName(servername string, wconn *telebit.ConnWrap) bool {
 			return true
 		}

-		remoteAddr := addr.String()
-		if "127.0.0.1" != remoteAddr &&
-			"::1" != remoteAddr &&
-			"localhost" != remoteAddr {
-			ipAddr := net.ParseIP(remoteAddr)
+		// 192.168.1.100:2345
+		// [::fe12]:2345
+		remoteIP := addr.String()
+		index := strings.LastIndex(remoteIP, ":")
+		if index < 1 {
+			// TODO how to handle unexpected invalid address?
+			wconn.Close()
+			return true
+		}
+		remoteIP = remoteIP[:index]
+
+		fmt.Println("remote addr:", remoteIP)
+
+		if "127.0.0.1" != remoteIP &&
+			"::1" != remoteIP &&
+			"localhost" != remoteIP {
+			ipAddr := net.ParseIP(remoteIP)
 			if nil == ipAddr {
 				wconn.Close()
 				return true
--- a/examples/run-as-relay.sh
+++ b/examples/run-as-relay.sh
@ -13,6 +13,9 @@ fi

 source .env

+SPF_HOSTNAME="${SPF_HOSTNAME:-""}"
+#SPF_HOSTNAME="_allowed.example.com"
+
 # For Tunnel Relay Server
 API_HOSTNAME=${API_HOSTNAME:-"devices.example.com"}
 LISTEN="${LISTEN:-":80 :443"}"
@ -29,6 +32,7 @@ ACME_AGREE=${ACME_AGREE:-}
 ACME_EMAIL="${ACME_EMAIL:-}"

 ./telebit \
+    --spf-domain $SPF_HOSTNAME \
    --api-hostname $API_HOSTNAME \
    --auth-url $AUTH_URL \
    --acme-agree "$ACME_AGREE" \
--- a/iplist/iplist.go
+++ b/iplist/iplist.go
@ -73,9 +73,10 @@ func updateTxt(txtDomain string) error {
 		if nil != err {
 			continue
 		}
-		if len(fields) > 0 {
+		if len(newFields) > 0 {
 			break
 		}
+		return fmt.Errorf("no spf records found")
 	}

 	// TODO put a lock here?