diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a87e2cbb65..497882ccfe8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,11 @@ SECURITY: * drivers/docker+exec+java: Disable `CAP_NET_RAW` linux capability by default to prevent ARP spoofing. CVE-2021-32575 [[GH-10568](https://github.com/hashicorp/nomad/issues/10568)](https://github.com/hashicorp/nomad/issues/10568) +BUG FIXES: + * api: Added missing devices block to AllocatedTaskResources [[GH-10064](https://github.com/hashicorp/nomad/pull/10064)] + * cli: Fixed a bug where non-int proxy port would panic CLI [[GH-10072](https://github.com/hashicorp/nomad/issues/10072)] + * cli: Fixed a bug where `nomad operator debug` incorrectly parsed https Consul API URLs. [[GH-10082](https://github.com/hashicorp/nomad/pull/10082)] + ## 1.0.4 (February 24, 2021) FEATURES: diff --git a/command/operator_debug.go b/command/operator_debug.go index 5c4ea36a195..eeaf8ae5564 100644 --- a/command/operator_debug.go +++ b/command/operator_debug.go @@ -1064,6 +1064,10 @@ func (e *external) addr(defaultAddr string) string { if strings.HasPrefix(e.addrVal, "http:") { return e.addrVal } + if strings.HasPrefix(e.addrVal, "https:") { + // Mismatch: e.ssl=false but addrVal is https + return strings.ReplaceAll(e.addrVal, "https://", "http://") + } return "http://" + e.addrVal } @@ -1072,7 +1076,8 @@ func (e *external) addr(defaultAddr string) string { } if strings.HasPrefix(e.addrVal, "http:") { - return "https:" + e.addrVal[5:] + // Mismatch: e.ssl=true but addrVal is http + return strings.ReplaceAll(e.addrVal, "http://", "https://") } return "https://" + e.addrVal diff --git a/command/operator_debug_test.go b/command/operator_debug_test.go index a77fa395797..1a3173d389e 100644 --- a/command/operator_debug_test.go +++ b/command/operator_debug_test.go @@ -433,17 +433,35 @@ func TestDebug_Utils(t *testing.T) { require.Empty(t, xs) // address calculation honors CONSUL_HTTP_SSL - e := &external{addrVal: "http://127.0.0.1:8500", ssl: true} - require.Equal(t, "https://127.0.0.1:8500", e.addr("foo")) + // ssl: true - Correct alignment + e := &external{addrVal: "https://127.0.0.1:8500", ssl: true} + addr := e.addr("foo") + require.Equal(t, "https://127.0.0.1:8500", addr) + // ssl: true - protocol incorrect + e = &external{addrVal: "http://127.0.0.1:8500", ssl: true} + addr = e.addr("foo") + require.Equal(t, "https://127.0.0.1:8500", addr) + + // ssl: true - protocol missing + e = &external{addrVal: "127.0.0.1:8500", ssl: true} + addr = e.addr("foo") + require.Equal(t, "https://127.0.0.1:8500", addr) + + // ssl: false - correct alignment e = &external{addrVal: "http://127.0.0.1:8500", ssl: false} - require.Equal(t, "http://127.0.0.1:8500", e.addr("foo")) + addr = e.addr("foo") + require.Equal(t, "http://127.0.0.1:8500", addr) - e = &external{addrVal: "127.0.0.1:8500", ssl: false} - require.Equal(t, "http://127.0.0.1:8500", e.addr("foo")) + // ssl: false - protocol incorrect + e = &external{addrVal: "https://127.0.0.1:8500", ssl: false} + addr = e.addr("foo") + require.Equal(t, "http://127.0.0.1:8500", addr) - e = &external{addrVal: "127.0.0.1:8500", ssl: true} - require.Equal(t, "https://127.0.0.1:8500", e.addr("foo")) + // ssl: false - protocol missing + e = &external{addrVal: "127.0.0.1:8500", ssl: false} + addr = e.addr("foo") + require.Equal(t, "http://127.0.0.1:8500", addr) } func TestDebug_WriteBytes_Nil(t *testing.T) {