Validate subdomain for http tunnels (#138)

* Validate subdomain for http tunnels

* Add subdomain validation tests

Author: amalshaji

tunnel/cmd/portr/start.go

@@ -27,9 +27,15 @@ func startTunnels(c *cli.Context, tunnelFromCli *config.Tunnel) error {
 
 	if tunnelFromCli != nil {
 		tunnelFromCli.SetDefaults()
+		if err := tunnelFromCli.Validate(); err != nil {
+			return err
+		}
 		_c.ReplaceTunnelsFromCli(*tunnelFromCli)
 		err = _c.Start(c.Context)
 	} else {
+		if err := config.Validate(); err != nil {
+			return err
+		}
 		err = _c.Start(c.Context, c.Args().Slice()...)
 	}
 

tunnel/internal/client/config/config.go

@@ -40,6 +40,16 @@ func (t *Tunnel) SetDefaults() {
 	}
 }
 
+func (t *Tunnel) Validate() error {
+	if t.Type == constants.Http {
+		if err := utils.ValidateSubdomain(t.Subdomain); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (t *Tunnel) GetLocalAddr() string {
 	return t.Host + ":" + fmt.Sprint(t.Port)
 }
@@ -84,6 +94,16 @@ func (c *Config) SetDefaults() {
 	}
 }
 
+func (c Config) Validate() error {
+	for _, tunnel := range c.Tunnels {
+		if err := tunnel.Validate(); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (c Config) GetAdminAddress() string {
 	protocol := "http"
 	if !c.UseLocalHost {

tunnel/internal/client/ssh/ssh.go

@@ -77,7 +77,7 @@ func (s *SshClient) createNewConnection() (string, error) {
 		if s.config.Debug {
 			log.Error("Failed to create new connection", "error", reqErr)
 		}
-		return "", fmt.Errorf(reqErr.Message)
+		return "", fmt.Errorf("server error: %s", reqErr.Message)
 	}
 	return response.ConnectionId, nil
 }

tunnel/internal/utils/subdomain.go

@@ -0,0 +1,18 @@
+package utils
+
+import (
+	"fmt"
+	"regexp"
+)
+
+func ValidateSubdomain(subdomain string) error {
+	matched, err := regexp.Match(`^[a-zA-Z0-9][-a-zA-Z0-9_]{0,61}[a-zA-Z0-9]$`, []byte(subdomain))
+	if err != nil {
+		return fmt.Errorf("error validating subdomain: %v", err)
+	}
+	if !matched {
+		return fmt.Errorf("invalid subdomain '%s'. Must not contain special characters other than '-', `_`", subdomain)
+	}
+
+	return nil
+}

tunnel/internal/utils/subdomain_test.go

@@ -0,0 +1,78 @@
+package utils
+
+import (
+	"testing"
+)
+
+func TestValidateSubdomain(t *testing.T) {
+	tests := []struct {
+		name      string
+		subdomain string
+		wantErr   bool
+	}{
+		{
+			name:      "valid subdomain",
+			subdomain: "test",
+			wantErr:   false,
+		},
+		{
+			name:      "subdomain with dash",
+			subdomain: "test-subdomain",
+			wantErr:   false,
+		},
+		{
+			name:      "subdomain with underscore",
+			subdomain: "test_subdomain",
+			wantErr:   false,
+		},
+		{
+			name:      "subdomain with uppercase letters",
+			subdomain: "TestSubdomain",
+			wantErr:   false,
+		},
+		{
+			name:      "subdomain with leading dash",
+			subdomain: "-test",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with trailing dash",
+			subdomain: "test-",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with leading underscore",
+			subdomain: "_test",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with trailing underscore",
+			subdomain: "test_",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with special characters",
+			subdomain: "test@subdomain",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with dot",
+			subdomain: "test.subdomain",
+			wantErr:   true,
+		},
+		{
+			name:      "subdomain with multiple dots",
+			subdomain: "test.subdomain.com",
+			wantErr:   true,
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			err := ValidateSubdomain(test.subdomain)
+			if (err != nil) != test.wantErr {
+				t.Errorf("ValidateSubdomain(%q) = %v, wantErr %v", test.subdomain, err, test.wantErr)
+			}
+		})
+	}
+}