From 77aa4cbbbf9d9a1adf719e28bf2dd3c7bf66ed5d Mon Sep 17 00:00:00 2001 From: kruskall <99559985+kruskall@users.noreply.github.com> Date: Wed, 26 Feb 2025 04:18:21 +0100 Subject: [PATCH] fix(ipv6): do not build malformed enroll url with ipv6 host replace string concat with net func to avoid building a malformed url if the host is an ipv6 --- internal/pkg/agent/cmd/enroll_cmd.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/internal/pkg/agent/cmd/enroll_cmd.go b/internal/pkg/agent/cmd/enroll_cmd.go index 19426c06d6b..caa8325dcc4 100644 --- a/internal/pkg/agent/cmd/enroll_cmd.go +++ b/internal/pkg/agent/cmd/enroll_cmd.go @@ -11,8 +11,10 @@ import ( "fmt" "io" "math/rand/v2" + "net" "os" "os/exec" + "strconv" "strings" "time" @@ -433,7 +435,7 @@ func (c *enrollCmd) prepareFleetTLS() error { if c.options.FleetServer.Host == "" { c.options.FleetServer.Host = defaultFleetServerInternalHost } - c.options.URL = fmt.Sprintf("http://%s:%d", host, port) + c.options.URL = "http://" + net.JoinHostPort(host, strconv.Itoa(int(port))) c.options.Insecure = true return nil } @@ -453,7 +455,7 @@ func (c *enrollCmd) prepareFleetTLS() error { } c.options.FleetServer.Cert = string(pair.Crt) c.options.FleetServer.CertKey = string(pair.Key) - c.options.URL = fmt.Sprintf("https://%s:%d", hostname, port) + c.options.URL = "https://" + net.JoinHostPort(hostname, strconv.Itoa(int(port))) c.options.CAs = []string{string(ca.Crt())} } // running with custom Cert and CertKey; URL is required to be set @@ -465,7 +467,7 @@ func (c *enrollCmd) prepareFleetTLS() error { if c.options.FleetServer.InternalPort != defaultFleetServerInternalPort { c.log.Warnf("Internal endpoint configured to: %d. Changing this value is not supported.", c.options.FleetServer.InternalPort) } - c.options.InternalURL = fmt.Sprintf("%s:%d", defaultFleetServerInternalHost, c.options.FleetServer.InternalPort) + c.options.InternalURL = net.JoinHostPort(defaultFleetServerInternalHost, strconv.Itoa(int(c.options.FleetServer.InternalPort))) } return nil