fix: proxy now rejects forward connections that contain the 0.0.0.0…

… wildcard #369
MatrixAI · Apr 6, 2022 · 97cae6f · CMCDragonkai · Apr 6, 2022 · 97cae6f
1 parent 437be7f
commit 97cae6f
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 0 deletions.
diff --git a/src/network/Proxy.ts b/src/network/Proxy.ts
@@ -434,6 +434,13 @@ class Proxy {
  timer,
  );
  } catch (e) {
+ if (e instanceof networkErrors.ErrorProxyConnectInvalidUrl) {
+ if (!clientSocket.destroyed) {
+ await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n');
+ clientSocket.destroy(e);
+ }
+ return;
+ }
  if (e instanceof networkErrors.ErrorConnectionStartTimeout) {
  if (!clientSocket.destroyed) {
  await clientSocketEnd('HTTP/1.1 504 Gateway Timeout\r\n' + '\r\n');
@@ -519,6 +526,9 @@ class Proxy {
  proxyPort: Port,
  timer?: Timer,
  ): Promise<ConnectionForward> {
+ if (proxyHost === '0.0.0.0') {
+ throw new networkErrors.ErrorProxyConnectInvalidUrl();
+ }
  const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort);
  let conn: ConnectionForward | undefined;
  conn = this.connectionsForward.proxy.get(proxyAddress);

diff --git a/tests/network/Proxy.test.ts b/tests/network/Proxy.test.ts
@@ -208,6 +208,15 @@ describe(Proxy.name, () => {
  `127.0.0.1:80?nodeId=${encodeURIComponent(nodeIdSomeEncoded)}`,
  ),
  ).rejects.toThrow('407');
+ // Wildcard as host
+ await expect(() =>
+ httpConnect(
+ proxy.getForwardHost(),
+ proxy.getForwardPort(),
+ authToken,
+ `0.0.0.0:80?nodeId=${encodeURIComponent(nodeIdSomeEncoded)}`,
+ ),
+ ).rejects.toThrow('400');
  // No node id
  await expect(() =>
  httpConnect(