Skip to content

Commit

Permalink
fix: allowing no_proxy to use ipv6 values
Browse files Browse the repository at this point in the history
closes: #6781

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
  • Loading branch information
shawkins authored Jan 13, 2025
1 parent 13b3909 commit 2939fbe
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 6 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
#### Bugs

* Fix #6747: Preventing websocket error logs when the client is closed
* Fix #6781: Allowing ipv6 entries to work in NO_PROXY

#### Improvements

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -73,8 +73,9 @@ public void before(BasicBuilder builder, HttpRequest request, RequestTags tags)
private static final String HEADER_INTERCEPTOR = "HEADER";
private static final String KUBERNETES_BACKWARDS_COMPATIBILITY_INTERCEPTOR_DISABLE = "kubernetes.backwardsCompatibilityInterceptor.disable";
private static final String BACKWARDS_COMPATIBILITY_DISABLE_DEFAULT = "true";
private static final Pattern IPV4_PATTERN = Pattern.compile(
"(http://|https://)?(?<ipAddressOrSubnet>(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])(\\/([1-2]\\d|3[0-2]|\\d))?)(\\D+|$)");
private static final Pattern IP_PATTERN = Pattern.compile(
"(http(s?)://)?(?<ipAddressOrSubnet>((\\d{1,3}(.\\d{1,3}){3})|([a-f\\d]{1,4}(\\:[a-f\\d]{0,4}){2,7}))(/\\d+)?)",
Pattern.CASE_INSENSITIVE);
private static final Pattern INVALID_HOST_PATTERN = Pattern.compile("[^\\da-zA-Z.\\-/:]+");

private HttpClientUtils() {
Expand Down Expand Up @@ -296,8 +297,8 @@ static boolean isHostMatchedByNoProxy(String host, String[] noProxies) throws Ma
}

private static Optional<String> extractIpAddressOrSubnet(String ipAddressOrSubnet) {
final Matcher ipMatcher = IPV4_PATTERN.matcher(ipAddressOrSubnet);
if (ipMatcher.find()) {
final Matcher ipMatcher = IP_PATTERN.matcher(ipAddressOrSubnet);
if (ipMatcher.matches()) {
return Optional.of(ipMatcher.group("ipAddressOrSubnet"));
}
return Optional.empty();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,7 @@ Stream<Arguments> masterHostnameDoesMatchNoProxyInput() {
arguments("192.168.1.110", new String[] { "192.168.1.0/24" }),
arguments("192.168.1.110", new String[] { "http://192.168.1.0/24" }),
arguments("192.168.1.110", new String[] { "192.0.0.0/8" }),
arguments("2620:52:0:9c:0:0:0:1", new String[] { "2620:52:0:9c::/64" }),
arguments("192.168.1.110", new String[] { "http://192.0.0.0/8" }));
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ static Stream<Arguments> matchesTrueInput() {
arguments("192.168.10.110", "192.168.10.110"),
arguments("192.168.1.0/8", "192.168.10.110"),
arguments("192.168.1.0/24", "192.168.1.100"),
arguments("10.96.0.1", "0:0:0:0:0:ffff:0a60:0001"),
arguments("2620:52:0:9c::/64", "2620:52:0:9c:0:0:0:1"),
arguments("0.0.0.0/0", "123.4.5.6"),
arguments("0.0.0.0/0", "192.168.0.159"),
arguments("192.168.0.159/0", "123.4.5.6"),
Expand All @@ -59,7 +61,6 @@ static Stream<Arguments> matchesFalseInput() {
arguments("192.168.1.0/24", "193.168.1.10"),
arguments("192.168.1.0/24", "192.168.2.10"),
arguments("192.168.1.0/8", "193.168.1.10"),
arguments("192.168.1.128/25", "192.168.1.104"),
arguments("kubernetes.default.svc", "kubernetes.default.svc"));
arguments("192.168.1.128/25", "192.168.1.104"));
}
}

0 comments on commit 2939fbe

Please sign in to comment.