Commit416b5ff

committed
review
1 parentef7f40a commit416b5ff


5 files changed

+100
-77
lines changed


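--- a/cli/cliui/agent.go
+++ b/cli/cliui/agent.go
@@ -403,10 +403,10 @@ func ConnDiagnostics(w io.Writer, d ConnDiags) {
 }
 
 ifd.ClientIPIsAWS {
-_,_=fmt.Fprint(w,"❗ Client IP address is within an AWS range,and istherefore behind ahard NAT\n")
+_,_=fmt.Fprint(w,"❗ Client IP address is within an AWS range,which isknown to cause problems with forming direct connections (AWS useshard NAT)\n")
 }
 
 ifd.AgentIPIsAWS {
-_,_=fmt.Fprint(w,"❗ Agent IP address is within an AWS range,and istherefore behind ahard NAT\n")
+_,_=fmt.Fprint(w,"❗ Agent IP address is within an AWS range,which isknown to cause problems with forming direct connections (AWS useshard NAT)\n")
 }
 }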

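--- a/cli/cliui/agent_test.go
+++ b/cli/cliui/agent_test.go
@@ -790,7 +790,7 @@ func TestConnDiagnostics(t *testing.T) {
 },
 want: []string{
 `❗ You are connected via a DERP relay, not directly (p2p)`,
-`❗ Client IP address is within an AWS range,and istherefore behind ahard NAT`,
+`❗ Client IP address is within an AWS range,which isknown to cause problems with forming direct connections (AWS useshard NAT)`,
 },
 },
 {
@@ -801,7 +801,7 @@ func TestConnDiagnostics(t *testing.T) {
 },
 want: []string{
 `❗ You are connected via a DERP relay, not directly (p2p)`,
-`❗ Agent IP address is within an AWS range,and istherefore behind ahard NAT`,
+`❗ Agent IP address is within an AWS range,which isknown to cause problems with forming direct connections (AWS useshard NAT)`,
 },
 },
 }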

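--- a/cli/cliutil/awscheck.go
+++ b/cli/cliutil/awscheck.go
@@ -11,33 +11,39 @@ import (
 "golang.org/x/xerrors"
 )
 
-constawsIPRangesURL="https://ip-ranges.amazonaws.com/ip-ranges.json"
+constAWSIPRangesURL="https://ip-ranges.amazonaws.com/ip-ranges.json"
 
-typeAWSIPv4Prefixstruct {
+typeawsIPv4Prefixstruct {
 Prefixstring`json:"ip_prefix"`
 Regionstring`json:"region"`
 Servicestring`json:"service"`
 NetworkBorderGroupstring`json:"network_border_group"`
 }
 
-typeAWSIPv6Prefixstruct {
-Prefixstring`json:"ipv6_prefix"`
-Regionstring`json:"region"`
-Servicestring`json:"service"`
+typeawsIPv6Prefixstruct {
+Prefixstring`json:"ipv6_prefix"`
+Regionstring`json:"region"`
+Servicestring`json:"service"`
+NetworkBorderGroupstring`json:"network_border_group"`
 }
 
 typeAWSIPRangesstruct {
+V4 []netip.Prefix
+V6 []netip.Prefix
+}
+
+typeawsIPRangesResponsestruct {
 SyncTokenstring`json:"syncToken"`
 CreateDatestring`json:"createDate"`
-IPV4Prefixes []AWSIPv4Prefix`json:"prefixes"`
-IPV6Prefixes []AWSIPv6Prefix`json:"ipv6_prefixes"`
+IPV4Prefixes []awsIPv4Prefix`json:"prefixes"`
+IPV6Prefixes []awsIPv6Prefix`json:"ipv6_prefixes"`
 }
 
-funcNewAWSIPRanges(ctx context.Context) (*AWSIPRanges,error) {
+funcFetchAWSIPRanges(ctx context.Context,urlstring) (*AWSIPRanges,error) {
 client:=&http.Client{}
 reqCtx,reqCancel:=context.WithTimeout(ctx,5*time.Second)
 deferreqCancel()
-req,_:=http.NewRequestWithContext(reqCtx,http.MethodGet,awsIPRangesURL,nil)
+req,_:=http.NewRequestWithContext(reqCtx,http.MethodGet,url,nil)
 resp,err:=client.Do(req)
 iferr!=nil {
 returnnil,err
@@ -49,40 +55,54 @@ func NewAWSIPRanges(ctx context.Context) (*AWSIPRanges, error) {
 returnnil,xerrors.Errorf("unexpected status code %d: %s",resp.StatusCode,b)
 }
 
-varoutAWSIPRanges
-err=json.NewDecoder(resp.Body).Decode(&out)
+varbodyawsIPRangesResponse
+err=json.NewDecoder(resp.Body).Decode(&body)
 iferr!=nil {
 returnnil,xerrors.Errorf("json decode: %w",err)
 }
-return&out,nil
+
+out:=&AWSIPRanges{
+V4:make([]netip.Prefix,0,len(body.IPV4Prefixes)),
+V6:make([]netip.Prefix,0,len(body.IPV6Prefixes)),
+}
+
+for_,p:=rangebody.IPV4Prefixes {
+prefix,err:=netip.ParsePrefix(p.Prefix)
+iferr!=nil {
+returnnil,xerrors.Errorf("parse ip prefix: %w",err)
+}
+out.V4=append(out.V4,prefix)
+}
+
+for_,p:=rangebody.IPV6Prefixes {
+prefix,err:=netip.ParsePrefix(p.Prefix)
+iferr!=nil {
+returnnil,xerrors.Errorf("parse ip prefix: %w",err)
+}
+out.V6=append(out.V6,prefix)
+}
+
+returnout,nil
 }
 
 // CheckIP checks if the given IP address is an AWS IP.
-func (r*AWSIPRanges)CheckIP(ip netip.Addr)(bool,error) {
+func (r*AWSIPRanges)CheckIP(ip netip.Addr)bool {
 ifip.IsLoopback()||ip.IsLinkLocalMulticast()||ip.IsLinkLocalUnicast()||ip.IsPrivate() {
-returnfalse,nil
+returnfalse
 }
 
 ifip.Is4() {
-for_,p:=ranger.IPV4Prefixes {
-prefix,err:=netip.ParsePrefix(p.Prefix)
-iferr!=nil {
-returnfalse,xerrors.Errorf("parse ip prefix: %w",err)
-}
-ifprefix.Contains(ip) {
-returntrue,nil
+for_,p:=ranger.V4 {
+ifp.Contains(ip) {
+returntrue
 }
 }
 }else {
-for_,p:=ranger.IPV6Prefixes {
-prefix,err:=netip.ParsePrefix(p.Prefix)
-iferr!=nil {
-returnfalse,xerrors.Errorf("parse ip prefix: %w",err)
-}
-ifprefix.Contains(ip) {
-returntrue,nil
+for_,p:=ranger.V6 {
+ifp.Contains(ip) {
+returntrue
 }
 }
 }
-returnfalse,nil
+returnfalse
 }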
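Review bot: The error from `http.NewRequestWithContext` is still discarded in `FetchAWSIPRanges`, which was tolerable while the URL was a package constant but is not now that `url` is a caller-supplied parameter: a malformed value yields a nil request that is then handed to `client.Do`. Check it instead, with `req, err := http.NewRequestWithContext(reqCtx, http.MethodGet, url, nil)` followed by `if err != nil { return nil, xerrors.Errorf("create request: %w", err) }`. Separately, the JSON is decoded straight from `resp.Body` with no size cap; reading through `io.LimitReader` would bound memory if the endpoint ever returned an oversized document. The lines between the two hunks are not shown, so whether the response body is closed there cannot be confirmed from this page.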
Lines changed: 38 additions & 15 deletions
@@ -1,72 +1,95 @@
1-
packagecliutil_test
1+
packagecliutil
22

33
import (
4+
"context"
5+
"net/http"
6+
"net/http/httptest"
47
"net/netip"
58
"testing"
69

710
"github.com/stretchr/testify/require"
811

9-
"github.com/coder/coder/v2/cli/cliutil"
12+
"github.com/coder/coder/v2/coderd/httpapi"
1013
"github.com/coder/coder/v2/testutil"
1114
)
1215

1316
funcTestIPV4Check(t*testing.T) {
1417
t.Parallel()
18+
srv:=httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter,r*http.Request) {
19+
httpapi.Write(context.Background(),w,http.StatusOK,awsIPRangesResponse{
20+
IPV4Prefixes: []awsIPv4Prefix{
21+
{
22+
Prefix:"3.24.0.0/14",
23+
},
24+
{
25+
Prefix:"15.230.15.29/32",
26+
},
27+
{
28+
Prefix:"47.128.82.100/31",
29+
},
30+
},
31+
IPV6Prefixes: []awsIPv6Prefix{
32+
{
33+
Prefix:"2600:9000:5206::/48",
34+
},
35+
{
36+
Prefix:"2406:da70:8800::/40",
37+
},
38+
{
39+
Prefix:"2600:1f68:5000::/40",
40+
},
41+
},
42+
})
43+
}))
1544
ctx:=testutil.Context(t,testutil.WaitShort)
16-
ranges,err:=cliutil.NewAWSIPRanges(ctx)
45+
ranges,err:=FetchAWSIPRanges(ctx,srv.URL)
1746
require.NoError(t,err)
1847

1948
t.Run("Private/IPV4",func(t*testing.T) {
2049
t.Parallel()
2150
ip,err:=netip.ParseAddr("192.168.0.1")
2251
require.NoError(t,err)
23-
isAws,err:=ranges.CheckIP(ip)
24-
require.NoError(t,err)
52+
isAws:=ranges.CheckIP(ip)
2553
require.False(t,isAws)
2654
})
2755

2856
t.Run("AWS/IPV4",func(t*testing.T) {
2957
t.Parallel()
3058
ip,err:=netip.ParseAddr("3.25.61.113")
3159
require.NoError(t,err)
32-
isAws,err:=ranges.CheckIP(ip)
33-
require.NoError(t,err)
60+
isAws:=ranges.CheckIP(ip)
3461
require.True(t,isAws)
3562
})
3663

3764
t.Run("NonAWS/IPV4",func(t*testing.T) {
3865
t.Parallel()
3966
ip,err:=netip.ParseAddr("159.196.123.40")
4067
require.NoError(t,err)
41-
isAws,err:=ranges.CheckIP(ip)
42-
require.NoError(t,err)
68+
isAws:=ranges.CheckIP(ip)
4369
require.False(t,isAws)
4470
})
4571

4672
t.Run("Private/IPV6",func(t*testing.T) {
4773
t.Parallel()
4874
ip,err:=netip.ParseAddr("::1")
4975
require.NoError(t,err)
50-
isAws,err:=ranges.CheckIP(ip)
51-
require.NoError(t,err)
76+
isAws:=ranges.CheckIP(ip)
5277
require.False(t,isAws)
5378
})
5479

5580
t.Run("AWS/IPV6",func(t*testing.T) {
5681
t.Parallel()
5782
ip,err:=netip.ParseAddr("2600:9000:5206:0001:0000:0000:0000:0001")
5883
require.NoError(t,err)
59-
isAws,err:=ranges.CheckIP(ip)
60-
require.NoError(t,err)
84+
isAws:=ranges.CheckIP(ip)
6185
require.True(t,isAws)
6286
})
6387

6488
t.Run("NonAWS/IPV6",func(t*testing.T) {
6589
t.Parallel()
6690
ip,err:=netip.ParseAddr("2403:5807:885f:0:a544:49d4:58f8:aedf")
6791
require.NoError(t,err)
68-
isAws,err:=ranges.CheckIP(ip)
69-
require.NoError(t,err)
92+
isAws:=ranges.CheckIP(ip)
7093
require.False(t,isAws)
7194
})
7295
}
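Review bot: The `httptest.NewServer` started at the top of the test is never shut down; add `t.Cleanup(srv.Close)` right after it is created so the listener does not outlive the test. The handler could also pass `r.Context()` instead of `context.Background()` to `httpapi.Write`. The function is still named `TestIPV4Check` although it now serves and asserts IPv6 prefixes as well, so a name covering both families would read more accurately.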

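--- a/cli/ping.go
+++ b/cli/ping.go
@@ -160,16 +160,12 @@ func (r *RootCmd) ping() *serpent.Command {
 LocalNetInfo:ni,
 }
 
-awsRanges,err:=cliutil.NewAWSIPRanges(ctx)
+awsRanges,err:=cliutil.FetchAWSIPRanges(ctx,cliutil.AWSIPRangesURL)
 iferr!=nil {
 _,_=fmt.Fprintf(inv.Stdout,"Failed to retrieve AWS IP ranges: %v\n",err)
 }
 
-clientIPIsAWS,err:=isAWSIP(awsRanges,ni)
-iferr!=nil {
-_,_=fmt.Fprintf(inv.Stdout,"Failed to determine if client IP is AWS: %v\n",err)
-}
-connDiags.ClientIPIsAWS=clientIPIsAWS
+connDiags.ClientIPIsAWS=isAWSIP(awsRanges,ni)
 
 connInfo,err:=client.AgentConnectionInfoGeneric(ctx)
 iferr==nil {
@@ -187,11 +183,7 @@ func (r *RootCmd) ping() *serpent.Command {
 agentNetcheck,err:=conn.Netcheck(ctx)
 iferr==nil {
 connDiags.AgentNetcheck=&agentNetcheck
-agentIPIsAws,err:=isAWSIP(awsRanges,agentNetcheck.NetInfo)
-iferr!=nil {
-_,_=fmt.Fprintf(inv.Stdout,"Failed to determine if agent IP is AWS: %v\n",err)
-}
-connDiags.AgentIPIsAWS=agentIPIsAws
+connDiags.AgentIPIsAWS=isAWSIP(awsRanges,agentNetcheck.NetInfo)
 }else {
 varsdkErr*codersdk.Error
 iferrors.As(err,&sdkErr)&&sdkErr.StatusCode()==http.StatusNotFound {
@@ -231,23 +223,11 @@ func (r *RootCmd) ping() *serpent.Command {
 returncmd
 }
 
-funcisAWSIP(awsRanges*cliutil.AWSIPRanges,ni*tailcfg.NetInfo) (bool,error) {
-varstrIPstring
-ifni.GlobalV4!="" {
-strIP=ni.GlobalV4
-}elseifni.GlobalV6!="" {
-strIP=ni.GlobalV6
-}else {
-returnfalse,xerrors.Errorf("no public IP address found")
+funcisAWSIP(awsRanges*cliutil.AWSIPRanges,ni*tailcfg.NetInfo)bool {
+checkIP:=func(ipStrstring)bool {
+ip,err:=netip.ParseAddr(ipStr)
+returnerr==nil&&awsRanges.CheckIP(ip)
 }
 
-ip,err:=netip.ParseAddr(strIP)
-iferr!=nil {
-returnfalse,err
-}
-isAWS,err:=awsRanges.CheckIP(ip)
-iferr!=nil {
-returnfalse,err
-}
-returnisAWS,nil
+returncheckIP(ni.GlobalV4)||checkIP(ni.GlobalV6)
 }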
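Review bot: When `FetchAWSIPRanges` fails, the first hunk only prints the error and carries on with `awsRanges` left nil (every error path visible in the fetch returns `nil, err`), and the new `isAWSIP` then calls `awsRanges.CheckIP(ip)` on that nil pointer. For any parseable public address `CheckIP` ranges over `r.V4` or `r.V6`, so `ping` would panic on a host that cannot reach the AWS ranges endpoint instead of simply skipping the diagnostic. Guard it at the top of `isAWSIP` with `if awsRanges == nil { return false }`, or make `CheckIP` nil-safe with `if r == nil { return false }`. The body of `ping()` continues outside these hunks, so this reading assumes nothing in the unseen lines returns early on the fetch error.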
