From f7c0d301672927d0ce877e95c21116b0aa573eef Mon Sep 17 00:00:00 2001
From: anatoly yakovenko <anatoly@solana.com>
Date: Sat, 25 Aug 2018 21:09:18 -0700
Subject: [PATCH] Disallow localhost in deployment (#1064)

* disallow localhost in deployment

* tests

* fmt

* integration tests do not have a flag to check

* fmt
---
 Cargo.toml               |  1 +
 ci/test-large-network.sh |  2 +-
 ci/test-nightly.sh       |  2 +-
 ci/test-stable-perf.sh   |  2 +-
 ci/test-stable.sh        |  2 +-
 src/crdt.rs              | 16 ++++++++++++++--
 tests/data_replicator.rs |  1 +
 tests/multinode.rs       |  2 ++
 8 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 824d9b878..8c54d95ac 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -61,6 +61,7 @@ unstable = []
 ipv6 = []
 cuda = []
 erasure = []
+test = []
 
 [dependencies]
 atty = "0.2"
diff --git a/ci/test-large-network.sh b/ci/test-large-network.sh
index c949321f0..1410b1a62 100755
--- a/ci/test-large-network.sh
+++ b/ci/test-large-network.sh
@@ -42,4 +42,4 @@ if [[ $(sysctl -n net.core.wmem_max) -lt 1610612736 ]]; then
 fi
 
 set -x
-exec cargo test --release --features=erasure test_multi_node_dynamic_network -- --ignored
+exec cargo test --release --features=erasure,test test_multi_node_dynamic_network -- --ignored
diff --git a/ci/test-nightly.sh b/ci/test-nightly.sh
index 4b1683661..dd1147a06 100755
--- a/ci/test-nightly.sh
+++ b/ci/test-nightly.sh
@@ -11,7 +11,7 @@ _() {
 }
 
 _ cargo build --verbose --features unstable
-_ cargo test --verbose --features unstable
+_ cargo test --verbose --features=unstable,test
 _ cargo clippy -- --deny=warnings
 
 exit 0
diff --git a/ci/test-stable-perf.sh b/ci/test-stable-perf.sh
index 572fd3e96..6053f4ca8 100755
--- a/ci/test-stable-perf.sh
+++ b/ci/test-stable-perf.sh
@@ -19,7 +19,7 @@ _() {
   "$@"
 }
 
-_ cargo test --features=cuda,erasure
+_ cargo test --features=cuda,erasure,test
 
 echo --- ci/localnet-sanity.sh
 (
diff --git a/ci/test-stable.sh b/ci/test-stable.sh
index 1ad7998c9..96a3608d5 100755
--- a/ci/test-stable.sh
+++ b/ci/test-stable.sh
@@ -12,7 +12,7 @@ _() {
 
 _ cargo fmt -- --check
 _ cargo build --verbose
-_ cargo test --verbose
+_ cargo test --features=test --verbose
 
 echo --- ci/localnet-sanity.sh
 (
diff --git a/src/crdt.rs b/src/crdt.rs
index cc447bfc0..fdb7d3716 100644
--- a/src/crdt.rs
+++ b/src/crdt.rs
@@ -1239,9 +1239,17 @@ impl Crdt {
             })
             .unwrap()
     }
-
+    fn is_valid_address_internal(addr: SocketAddr, cfg_test: bool) -> bool {
+        (addr.port() != 0)
+            && !(addr.ip().is_unspecified()
+                || addr.ip().is_multicast()
+                || (addr.ip().is_loopback() && !cfg_test))
+    }
+    /// port must not be 0
+    /// ip must be specified and not mulitcast
+    /// loopback ip is only allowed in tests
     pub fn is_valid_address(addr: SocketAddr) -> bool {
-        (addr.port() != 0) && !(addr.ip().is_unspecified() || addr.ip().is_multicast())
+        Self::is_valid_address_internal(addr, cfg!(test) || cfg!(feature = "test"))
     }
 }
 
@@ -2116,12 +2124,16 @@ mod tests {
 
     #[test]
     fn test_is_valid_address() {
+        assert!(cfg!(test));
         let bad_address_port = "127.0.0.1:0".parse().unwrap();
         assert!(!Crdt::is_valid_address(bad_address_port));
         let bad_address_unspecified = "0.0.0.0:1234".parse().unwrap();
         assert!(!Crdt::is_valid_address(bad_address_unspecified));
         let bad_address_multicast = "224.254.0.0:1234".parse().unwrap();
         assert!(!Crdt::is_valid_address(bad_address_multicast));
+        let loopback = "127.0.0.1:1234".parse().unwrap();
+        assert!(Crdt::is_valid_address(loopback));
+        assert!(!Crdt::is_valid_address_internal(loopback, false));
     }
 
     #[test]
diff --git a/tests/data_replicator.rs b/tests/data_replicator.rs
index 6ff4d49d5..652e36637 100644
--- a/tests/data_replicator.rs
+++ b/tests/data_replicator.rs
@@ -193,6 +193,7 @@ pub fn crdt_retransmit() -> result::Result<()> {
 #[ignore]
 fn test_external_liveness_table() {
     logger::setup();
+    assert!(cfg!(feature = "test"));
     let c1_c4_exit = Arc::new(AtomicBool::new(false));
     let c2_c3_exit = Arc::new(AtomicBool::new(false));
 
diff --git a/tests/multinode.rs b/tests/multinode.rs
index 3d35686aa..fa76e24ef 100644
--- a/tests/multinode.rs
+++ b/tests/multinode.rs
@@ -120,6 +120,7 @@ fn make_tiny_test_entries(start_hash: Hash, num: usize) -> Vec<Entry> {
 
 #[test]
 fn test_multi_node_ledger_window() -> result::Result<()> {
+    assert!(cfg!(feature = "test"));
     logger::setup();
 
     let leader_keypair = Keypair::new();
@@ -518,6 +519,7 @@ fn test_leader_restart_validator_start_from_old_ledger() -> result::Result<()> {
 #[ignore]
 fn test_multi_node_dynamic_network() {
     logger::setup();
+    assert!(cfg!(feature = "test"));
     let key = "SOLANA_DYNAMIC_NODES";
     let num_nodes: usize = match env::var(key) {
         Ok(val) => val