Caddy-Reverse_Proxy
/
caddy
mirror of https://github.com/caddyserver/caddy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat: Prevent user-defined listeners from conflicting with Admin API

pull/7060/head
Breno 2025-06-11 15:49:32 -03:00
parent 0f209f62eb
commit d019a2b0a4
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
listeners.go
View File

@ -697,3 +697,15 @@ type ListenerWrapper interface {
var listenerPool = NewUsagePool() var listenerPool = NewUsagePool()
const maxPortSpan = 65535 const maxPortSpan = 65535
func ConflictWithAdminAddr(addr NetworkAddress) bool {
adminAddr := NetworkAddress{
StartPort: uint(2019),
EndPort: uint(2019),
}
if addr.StartPort <= adminAddr.EndPort && addr.EndPort >= adminAddr.StartPort {
Log().Error("conflict with admin api", zap.Uint("addr", addr.StartPort), zap.Uint("admin", adminAddr.StartPort))
return true
}
return false
}

4
modules/caddyhttp/app.go
View File

@ -417,6 +417,10 @@ func (app *App) Validate() error {
// each server must use distinct listener addresses // each server must use distinct listener addresses
for _, addr := range srv.Listen { for _, addr := range srv.Listen {
listenAddr, err := caddy.ParseNetworkAddress(addr) listenAddr, err := caddy.ParseNetworkAddress(addr)
// check for conflict with admin API
if caddy.ConflictWithAdminAddr(listenAddr) {
return fmt.Errorf("listener address '%s' already claimed by admin API", addr)
}
if err != nil { if err != nil {
return fmt.Errorf("invalid listener address '%s': %v", addr, err) return fmt.Errorf("invalid listener address '%s': %v", addr, err)
} }