baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Propagate insecure in white list.

Browse source
This commit is contained in:
Ludovic Fernandez 2018-03-08 15:08:03 +01:00 committed by Traefiker Bot
parent 862957c30c
commit 59f7b2ea98
2 changed files with 55 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
whitelist/ip.go
View file

@ -17,10 +17,10 @@ type IP struct {
// NewIP builds a new IP given a list of CIDR-Strings to whitelist // NewIP builds a new IP given a list of CIDR-Strings to whitelist
func NewIP(whitelistStrings []string, insecure bool) (*IP, error) { func NewIP(whitelistStrings []string, insecure bool) (*IP, error) {
if len(whitelistStrings) == 0 && !insecure { if len(whitelistStrings) == 0 && !insecure {
return nil, errors.New("no whiteListsNet provided") return nil, errors.New("no white list provided")
} }
ip := IP{} ip := IP{insecure: insecure}
if !insecure { if !insecure {
for _, whitelistString := range whitelistStrings { for _, whitelistString := range whitelistStrings {

57
whitelist/ip_test.go
View file

@ -19,12 +19,12 @@ func TestNew(t *testing.T) {
desc: "nil whitelist", desc: "nil whitelist",
whitelistStrings: nil, whitelistStrings: nil,
expectedWhitelists: nil, expectedWhitelists: nil,
errMessage: "no whiteListsNet provided", errMessage: "no white list provided",
}, { }, {
desc: "empty whitelist", desc: "empty whitelist",
whitelistStrings: []string{}, whitelistStrings: []string{},
expectedWhitelists: nil, expectedWhitelists: nil,
errMessage: "no whiteListsNet provided", errMessage: "no white list provided",
}, { }, {
desc: "whitelist containing empty string", desc: "whitelist containing empty string",
whitelistStrings: []string{ whitelistStrings: []string{
@ -90,7 +90,7 @@ func TestNew(t *testing.T) {
} }
} }
func TestIsAllowed(t *testing.T) { func TestContainsIsAllowed(t *testing.T) {
cases := []struct { cases := []struct {
desc string desc string
whitelistStrings []string whitelistStrings []string
@ -275,6 +275,7 @@ func TestIsAllowed(t *testing.T) {
test := test test := test
t.Run(test.desc, func(t *testing.T) { t.Run(test.desc, func(t *testing.T) {
t.Parallel() t.Parallel()
whiteLister, err := NewIP(test.whitelistStrings, false) whiteLister, err := NewIP(test.whitelistStrings, false)
require.NoError(t, err) require.NoError(t, err)
@ -297,7 +298,55 @@ func TestIsAllowed(t *testing.T) {
} }
} }
func TestBrokenIPs(t *testing.T) { func TestContainsInsecure(t *testing.T) {
mustNewIP := func(whitelistStrings []string, insecure bool) *IP {
ip, err := NewIP(whitelistStrings, insecure)
if err != nil {
t.Fatal(err)
}
return ip
}
testCases := []struct {
desc string
whiteLister *IP
ip string
expected bool
}{
{
desc: "valid ip and insecure",
whiteLister: mustNewIP([]string{"1.2.3.4/24"}, true),
ip: "1.2.3.1",
expected: true,
},
{
desc: "invalid ip and insecure",
whiteLister: mustNewIP([]string{"1.2.3.4/24"}, true),
ip: "10.2.3.1",
expected: true,
},
{
desc: "invalid ip and secure",
whiteLister: mustNewIP([]string{"1.2.3.4/24"}, false),
ip: "10.2.3.1",
expected: false,
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
ok, _, err := test.whiteLister.Contains(test.ip)
require.NoError(t, err)
assert.Equal(t, test.expected, ok)
})
}
}
func TestContainsBrokenIPs(t *testing.T) {
brokenIPs := []string{ brokenIPs := []string{
"foo", "foo",
"10.0.0.350", "10.0.0.350",