From 73a5ed90b28bdd92eb8dfe359a2fd6c5b1a62931 Mon Sep 17 00:00:00 2001
From: Ryan Huber <rhuber@gmail.com>
Date: Mon, 8 Mar 2021 12:42:06 -0800
Subject: [PATCH] Do not allow someone to run a nebula lighthouse with an
 ephemeral port (#399)

* Do not allow someone to run a nebula lighthouse with an ephemeral port

* derp - we discover the port so we have to check the config setting

* No context needed for this error

* gofmt yourself

* Revert "gofmt yourself"

This reverts commit c01423498e3792f7acd69d7e691dce1edad81bcb.

* Revert "No context needed for this error"

This reverts commit 6792af6846d1200c564a4ad601a637535dd56c5b.

* snip snap snip snap
---
 main.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/main.go b/main.go
index b76bbe7..dc0469d 100644
--- a/main.go
+++ b/main.go
@@ -244,6 +244,11 @@ func Main(config *Config, configTest bool, buildVersion string, logger *logrus.L
 
 	amLighthouse := config.GetBool("lighthouse.am_lighthouse", false)
 
+	// fatal if am_lighthouse is enabled but we are using an ephemeral port
+	if amLighthouse && (config.GetInt("listen.port", 0) == 0) {
+		return nil, NewContextualError("lighthouse.am_lighthouse enabled on node but no port number is set in config", nil, nil)
+	}
+
 	// warn if am_lighthouse is enabled but upstream lighthouses exists
 	rawLighthouseHosts := config.GetStringSlice("lighthouse.hosts", []string{})
 	if amLighthouse && len(rawLighthouseHosts) != 0 {