From 1c74b353e159482f629d034676c8aeb9c88a2bae Mon Sep 17 00:00:00 2001
From: Wangjunqi123 <wangjunqi@kylinos.cn>
Date: Tue, 30 Jul 2024 10:32:06 +0800
Subject: [PATCH] agent/handler: verify the source of the topo server request

---
 agent/handler/httphandler.go | 51 +++++++++++++++++++++++++++++++-----
 1 file changed, 45 insertions(+), 6 deletions(-)

diff --git a/agent/handler/httphandler.go b/agent/handler/httphandler.go
index 6d30c25..e4af631 100755
--- a/agent/handler/httphandler.go
+++ b/agent/handler/httphandler.go
@@ -3,28 +3,41 @@ package handler
 import (
 	"fmt"
 	"net/http"
+	"strings"
 
 	"gitee.com/openeuler/PilotGo-plugin-topology/agent/conf"
 	"gitee.com/openeuler/PilotGo-plugin-topology/agent/service"
 	"gitee.com/openeuler/PilotGo-plugin-topology/agent/service/container"
+	"gitee.com/openeuler/PilotGo/sdk/logger"
 	"gitee.com/openeuler/PilotGo/sdk/response"
 	"github.com/gin-gonic/gin"
 	"github.com/pkg/errors"
 )
 
 func RawMetricDataHandle(ctx *gin.Context) {
+	// 验证topo server请求来源
+	if ctx.RemoteIP() != strings.Split(conf.Config().Topo.Server_addr, ":")[0] {
+		err := errors.Errorf("unknow topo server: %s", ctx.RemoteIP())
+		logger.ErrorStack("", err)
+		// errors.EORE(err)
+		ctx.JSON(http.StatusBadRequest, gin.H{
+			"code":  -1,
+			"error": err.Error(),
+			"data":  nil,
+		})
+		return
+	}
+
 	data, err := service.DataCollectorService()
 	if err != nil {
 		err = errors.Wrap(err, "**2")
-		fmt.Printf("%+v\n", err) // err top
+		logger.ErrorStack("", err)
 		// errors.EORE(err)
-
 		ctx.JSON(http.StatusBadRequest, gin.H{
 			"code":  -1,
 			"error": fmt.Errorf("(Raw_metric_data->DataCollectorService: %s)", err),
 			"data":  nil,
 		})
-
 		return
 	}
 
@@ -36,6 +49,19 @@ func RawMetricDataHandle(ctx *gin.Context) {
 }
 
 func HealthCheckHandle(ctx *gin.Context) {
+	// 验证topo server请求来源
+	if ctx.RemoteIP() != strings.Split(conf.Config().Topo.Server_addr, ":")[0] {
+		err := errors.Errorf("unknow topo server: %s", ctx.RemoteIP())
+		logger.ErrorStack("", err)
+		// errors.EORE(err)
+		ctx.JSON(http.StatusBadRequest, gin.H{
+			"code":  -1,
+			"error": err.Error(),
+			"data":  nil,
+		})
+		return
+	}
+
 	agentinfo := struct {
 		Interval int `json:"interval"`
 	}{
@@ -46,12 +72,25 @@ func HealthCheckHandle(ctx *gin.Context) {
 }
 
 func ContainerListHandle(ctx *gin.Context) {
+	// 验证topo server请求来源
+	if ctx.RemoteIP() != strings.Split(conf.Config().Topo.Server_addr, ":")[0] {
+		err := errors.Errorf("unknow topo server: %s", ctx.RemoteIP())
+		logger.ErrorStack("", err)
+		// errors.EORE(err)
+		ctx.JSON(http.StatusBadRequest, gin.H{
+			"code":  -1,
+			"error": err.Error(),
+			"data":  nil,
+		})
+		return
+	}
+
 	containers, err := container.ContainerList()
 	if err != nil {
-		err = errors.Wrap(err, "") // err top
-		fmt.Printf("%+v\n", err)
+		err = errors.Wrap(err, "")
+		logger.ErrorStack("", err)
 		response.Fail(ctx, nil, errors.Cause(err).Error())
 	}
 
-	response.Success(ctx, containers, "success")	
+	response.Success(ctx, containers, "success")
 }
\ No newline at end of file
-- 
Gitee