| David K. Bainbridge | 528b318 | 2017-01-23 08:51:59 -0800 | [diff] [blame^] | 1 | // Copyright 2016 Canonical Ltd. |
| 2 | // Licensed under the LGPLv3, see LICENCE file for details. |
| 3 | |
| 4 | //+build !go1.7 |
| 5 | |
| 6 | package utils |
| 7 | |
| 8 | import ( |
| 9 | "fmt" |
| 10 | "net" |
| 11 | "net/http" |
| 12 | ) |
| 13 | |
| 14 | // installHTTPDialShim patches the default HTTP transport so |
| 15 | // that it fails when an attempt is made to dial a non-local |
| 16 | // host. |
| 17 | func installHTTPDialShim(t *http.Transport) { |
| 18 | t.Dial = func(network, addr string) (net.Conn, error) { |
| 19 | if !OutgoingAccessAllowed && !isLocalAddr(addr) { |
| 20 | return nil, fmt.Errorf("access to address %q not allowed", addr) |
| 21 | } |
| 22 | return net.Dial(network, addr) |
| 23 | } |
| 24 | } |