Use loopback address for local communication (#46)

jcharum · web-flow · commit 555db268739a · 2020-07-14T19:46:49.000-07:00
Use loopback address for local communication to avoid exposing ports externally. This has the side effect of not triggering OS X dialogs prompting users to deny/allow access to incoming traffic, in tests and `Local` system usage.
diff --git a/ec2system/ec2machine_test.go b/ec2system/ec2machine_test.go
@@ -76,7 +76,7 @@ func TestMutualHTTPS(t *testing.T) {
 
 	var listenAndServeError errors.Once
 	go func() {
-		listenAndServeError.Set(sys.ListenAndServe(fmt.Sprintf(":%d", port), mux))
+		listenAndServeError.Set(sys.ListenAndServe(fmt.Sprintf("localhost:%d", port), mux))
 	}()
 	time.Sleep(time.Second)
 
@@ -97,7 +97,7 @@ func TestMutualHTTPS(t *testing.T) {
 }
 
 func getFreeTCPPort() (int, error) {
-	addr, err := net.ResolveTCPAddr("tcp", ":0")
+	addr, err := net.ResolveTCPAddr("tcp", "localhost:0")
 	if err != nil {
 		return 0, err
 	}
diff --git a/local.go b/local.go
@@ -93,7 +93,7 @@ func (s *localSystem) Start(ctx context.Context, count int) ([]*Machine, error)
 		muxer := new(tee.Writer)
 		cmd.Stdout = iofmt.PrefixWriter(muxer, prefix)
 		cmd.Stderr = iofmt.PrefixWriter(muxer, prefix)
-		cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_ADDR=:%d", port))
+		cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_ADDR=localhost:%d", port))
 		cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_AUTHORITY=%s", s.authorityFilename))
 
 		m := new(Machine)
@@ -176,7 +176,6 @@ func (s *localSystem) HTTPClient() *http.Client {
 	http2.ConfigureTransport(transport)
 	return &http.Client{Transport: transport}
 }
-
 func (*localSystem) Exit(code int) {
 	os.Exit(code)
 }
@@ -220,7 +219,7 @@ func (s *localSystem) Read(ctx context.Context, m *Machine, filename string) (io
 }
 
 func getFreeTCPPort() (int, error) {
-	addr, err := net.ResolveTCPAddr("tcp", ":0")
+	addr, err := net.ResolveTCPAddr("tcp", "localhost:0")
 	if err != nil {
 		return 0, err
 	}
diff --git a/regress/tests/teststream.go b/regress/tests/teststream.go
@@ -31,7 +31,7 @@ type service struct{}
 
 func (service) Empty(ctx context.Context, howlong time.Duration, reply *io.ReadCloser) error {
 	http2.VerboseLogs = true
-	go http.ListenAndServe(":9090", nil)
+	go http.ListenAndServe("localhost:9090", nil)
 	*reply = ioutil.NopCloser(bytes.NewReader(nil))
 	return nil
 }

Original file line number	Diff line number	Diff line change
`@@ -76,7 +76,7 @@ func TestMutualHTTPS(t *testing.T) {`
`76`	`76`
`77`	`77`	`var listenAndServeError errors.Once`
`78`	`78`	`go func() {`
`79`		`- listenAndServeError.Set(sys.ListenAndServe(fmt.Sprintf(":%d", port), mux))`
	`79`	`+ listenAndServeError.Set(sys.ListenAndServe(fmt.Sprintf("localhost:%d", port), mux))`
`80`	`80`	`}()`
`81`	`81`	`time.Sleep(time.Second)`
`82`	`82`
`@@ -97,7 +97,7 @@ func TestMutualHTTPS(t *testing.T) {`
`97`	`97`	`}`
`98`	`98`
`99`	`99`	`func getFreeTCPPort() (int, error) {`
`100`		`- addr, err := net.ResolveTCPAddr("tcp", ":0")`
	`100`	`+ addr, err := net.ResolveTCPAddr("tcp", "localhost:0")`
`101`	`101`	`if err != nil {`
`102`	`102`	`return 0, err`
`103`	`103`	`}`
Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,7 @@ func (s localSystem) Start(ctx context.Context, count int) ([]Machine, error)`
`93`	`93`	`muxer := new(tee.Writer)`
`94`	`94`	`cmd.Stdout = iofmt.PrefixWriter(muxer, prefix)`
`95`	`95`	`cmd.Stderr = iofmt.PrefixWriter(muxer, prefix)`
`96`		`- cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_ADDR=:%d", port))`
	`96`	`+ cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_ADDR=localhost:%d", port))`
`97`	`97`	`cmd.Env = append(cmd.Env, fmt.Sprintf("BIGMACHINE_AUTHORITY=%s", s.authorityFilename))`
`98`	`98`
`99`	`99`	`m := new(Machine)`
`@@ -176,7 +176,6 @@ func (s localSystem) HTTPClient() http.Client {`
`176`	`176`	`http2.ConfigureTransport(transport)`
`177`	`177`	`return &http.Client{Transport: transport}`
`178`	`178`	`}`
`179`		`-`
`180`	`179`	`func (*localSystem) Exit(code int) {`
`181`	`180`	`os.Exit(code)`
`182`	`181`	`}`
`@@ -220,7 +219,7 @@ func (s localSystem) Read(ctx context.Context, m Machine, filename string) (io`
`220`	`219`	`}`
`221`	`220`
`222`	`221`	`func getFreeTCPPort() (int, error) {`
`223`		`- addr, err := net.ResolveTCPAddr("tcp", ":0")`
	`222`	`+ addr, err := net.ResolveTCPAddr("tcp", "localhost:0")`
`224`	`223`	`if err != nil {`
`225`	`224`	`return 0, err`
`226`	`225`	`}`
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ type service struct{}`
`31`	`31`
`32`	`32`	`func (service) Empty(ctx context.Context, howlong time.Duration, reply *io.ReadCloser) error {`
`33`	`33`	`http2.VerboseLogs = true`
`34`		`- go http.ListenAndServe(":9090", nil)`
	`34`	`+ go http.ListenAndServe("localhost:9090", nil)`
`35`	`35`	`*reply = ioutil.NopCloser(bytes.NewReader(nil))`
`36`	`36`	`return nil`
`37`	`37`	`}`