[release] v0.10.1-unstable
This commit is contained in:
parent
50dadfd9e8
commit
df27afb694
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "cosmos-server",
|
"name": "cosmos-server",
|
||||||
"version": "0.10.0",
|
"version": "0.10.1-unstable",
|
||||||
"description": "",
|
"description": "",
|
||||||
"main": "test-server.js",
|
"main": "test-server.js",
|
||||||
"bugs": {
|
"bugs": {
|
||||||
|
|
|
@ -515,6 +515,14 @@ func generateNebulaCert(name, ip, PK string, saveToFile bool) (string, string, s
|
||||||
}
|
}
|
||||||
|
|
||||||
func generateNebulaCACert(name string) (error) {
|
func generateNebulaCACert(name string) (error) {
|
||||||
|
// if ca.key exists, delete it, remove it
|
||||||
|
if _, err := os.Stat("./ca.key"); err == nil {
|
||||||
|
os.Remove("./ca.key")
|
||||||
|
}
|
||||||
|
if _, err := os.Stat("./ca.crt"); err == nil {
|
||||||
|
os.Remove("./ca.crt")
|
||||||
|
}
|
||||||
|
|
||||||
// Run the nebula-cert command to generate CA certificate and key
|
// Run the nebula-cert command to generate CA certificate and key
|
||||||
cmd := exec.Command(binaryToRun() + "-cert", "ca", "-name", "\""+name+"\"")
|
cmd := exec.Command(binaryToRun() + "-cert", "ca", "-name", "\""+name+"\"")
|
||||||
|
|
||||||
|
|
|
@ -305,7 +305,17 @@ func Restrictions(RestrictToConstellation bool, WhitelistInboundIPs []string) fu
|
||||||
isWhitelistPassing := !isUsingWhiteList || isInWhitelist
|
isWhitelistPassing := !isUsingWhiteList || isInWhitelist
|
||||||
|
|
||||||
// check if the request is coming from the constellation IP range 192.168.201.0/24
|
// check if the request is coming from the constellation IP range 192.168.201.0/24
|
||||||
if (!isInConstellationPassing && !isWhitelistPassing) {
|
if (!isInConstellationPassing) {
|
||||||
|
if(!isUsingWhiteList) {
|
||||||
|
Log("Request from " + ip + " is blocked because of restrictions isInConstellationPassing: " + fmt.Sprintf("%v", isInConstellationPassing) + " and isWhitelistPassing: " + fmt.Sprintf("%v", isWhitelistPassing))
|
||||||
|
http.Error(w, "Access denied", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
} else if (!isInWhitelist) {
|
||||||
|
Log("Request from " + ip + " is blocked because of restrictions isInConstellationPassing: " + fmt.Sprintf("%v", isInConstellationPassing) + " and isWhitelistPassing: " + fmt.Sprintf("%v", isWhitelistPassing))
|
||||||
|
http.Error(w, "Access denied", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
} else if (!isWhitelistPassing) {
|
||||||
Log("Request from " + ip + " is blocked because of restrictions isInConstellationPassing: " + fmt.Sprintf("%v", isInConstellationPassing) + " and isWhitelistPassing: " + fmt.Sprintf("%v", isWhitelistPassing))
|
Log("Request from " + ip + " is blocked because of restrictions isInConstellationPassing: " + fmt.Sprintf("%v", isInConstellationPassing) + " and isWhitelistPassing: " + fmt.Sprintf("%v", isWhitelistPassing))
|
||||||
http.Error(w, "Access denied", http.StatusForbidden)
|
http.Error(w, "Access denied", http.StatusForbidden)
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in a new issue