Mirrors/juanfont.headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-09-25 17:51:11 +02:00
Code Issues Projects Releases Wiki Activity

policy: validate protocol and portnumber

Browse Source 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby 2025-09-12 11:25:38 +02:00
parent a31249c043
commit ab7eefb9c9
No known key found for this signature in database
2 changed files with 6 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hscontrol/policy/v2/types.go
View File

@ -1720,6 +1720,11 @@ func (p *Policy) validate() error {
} }
} }
} }
// Validate protocol-port compatibility
if err := validateProtocolPortCompatibility(acl.Protocol, acl.Destinations); err != nil {
errs = append(errs, err)
}
} }
for _, ssh := range p.SSHs { for _, ssh := range p.SSHs {

18
hscontrol/policy/v2/types_test.go
View File

@ -352,20 +352,6 @@ func TestUnmarshalPolicy(t *testing.T) {
name: "2652-asterix-error-better-explain", name: "2652-asterix-error-better-explain",
input: ` input: `
{ {
"acls": [
{
"action": "accept",
"src": [
"*"
],
"dst": [
"*:*"
],
"proto": [
"*:*"
]
}
],
"ssh": [ "ssh": [
{ {
"action": "accept", "action": "accept",
@ -375,9 +361,7 @@ func TestUnmarshalPolicy(t *testing.T) {
"dst": [ "dst": [
"*" "*"
], ],
"proto": [ "users": ["root"]
"*:*"
]
} }
] ]
} }