Skip to content

Commit

Permalink
Fix process based API authentication when API listens on 0.0.0.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@dhaavi
dhaavi committed May 8, 2024
1 parent 9f21e87 commit a352660
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion service/firewall/api.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,11 @@ func apiAuthenticator(r *http.Request, s *http.Server) (token *api.AuthToken, er
if err != nil {
return nil, fmt.Errorf("failed to get local IP/Port: %w", err)
}
// Correct 0.0.0.0 to 127.0.0.1 to fix local process-based authentication,
// if 0.0.0.0 is used as the API listen address.
if localIP.Equal(net.IPv4zero) {
localIP = net.IPv4(127, 0, 0, 1)
}

// get remote IP/Port
remoteIP, remotePort, err := netutils.ParseIPPort(r.RemoteAddr)
Expand Down Expand Up @@ -110,7 +115,6 @@ func apiAuthenticator(r *http.Request, s *http.Server) (token *api.AuthToken, er
if !retry {
break
}

// wait a little
time.Sleep(500 * time.Millisecond)
}
Expand Down

0 comments on commit a352660

Please sign in to comment.