From d55d50b3b3a9a8e842bb25e1ee8468587cd346f4 Mon Sep 17 00:00:00 2001
From: Mohammed Al Sahaf <msaa1990@gmail.com>
Date: Thu, 17 Sep 2020 04:48:37 +0300
Subject: reverseproxy: Enforce port range size of 1 at provision (#3695)

* reverse_proxy: ensure upstream address has port range of only 1

* reverse_proxy: don't log the error if upstream range size is more than 1
---
 modules/caddyhttp/reverseproxy/reverseproxy.go | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'modules/caddyhttp/reverseproxy')

diff --git a/modules/caddyhttp/reverseproxy/reverseproxy.go b/modules/caddyhttp/reverseproxy/reverseproxy.go
index d1aa49a..910fbfc 100644
--- a/modules/caddyhttp/reverseproxy/reverseproxy.go
+++ b/modules/caddyhttp/reverseproxy/reverseproxy.go
@@ -204,6 +204,13 @@ func (h *Handler) Provision(ctx caddy.Context) error {
 
 	// set up upstreams
 	for _, upstream := range h.Upstreams {
+		addr, err := caddy.ParseNetworkAddress(upstream.Dial)
+		if err != nil {
+			return err
+		}
+		if addr.PortRangeSize() != 1 {
+			return fmt.Errorf("multiple addresses (upstream must map to only one address): %v", addr)
+		}
 		// create or get the host representation for this upstream
 		var host Host = new(upstreamHost)
 		existingHost, loaded := hosts.LoadOrStore(upstream.String(), host)
-- 
cgit v1.2.3