vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 14:30:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(android): require private IP cleartext pairing

Browse Source
This commit is contained in:
Vincent Koc
2026-04-23 11:56:47 -07:00
parent a63939d295
commit cad102c3ca
6 changed files with 19 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/android/app/src/main/java/ai/openclaw/app/gateway/GatewayHostSecurity.kt
View File

@@ -63,8 +63,6 @@ internal fun isPrivateLanGatewayHost(
}
if (host.isEmpty()) return false
if (isLoopbackGatewayHost(host, allowEmulatorBridgeAlias = allowEmulatorBridgeAlias)) return true
if (host.endsWith(".local")) return true
if (!host.contains('.') && !host.contains(':')) return true
parseIpv4Address(host)?.let { ipv4 ->
val first = ipv4[0].toInt() and 0xff

4
apps/android/app/src/test/java/ai/openclaw/app/node/ConnectionManagerTest.kt
View File

@@ -240,9 +240,9 @@ class ConnectionManagerTest {
}
@Test
fun isPrivateLanGatewayHost_acceptsLanHostsButRejectsTailnetHosts() {
fun isPrivateLanGatewayHost_acceptsLanIpsButRejectsMdnsAndTailnetHosts() {
assertTrue(isPrivateLanGatewayHost("192.168.1.20"))
assertTrue(isPrivateLanGatewayHost("gateway.local"))
assertFalse(isPrivateLanGatewayHost("gateway.local"))
assertFalse(isPrivateLanGatewayHost("100.64.0.9"))
assertFalse(isPrivateLanGatewayHost("gateway.tailnet.ts.net"))
}

12
apps/android/app/src/test/java/ai/openclaw/app/ui/GatewayConfigResolverTest.kt
View File

@@ -114,18 +114,10 @@ class GatewayConfigResolverTest {
}
@Test
fun parseGatewayEndpointAllowsMdnsCleartextWsUrls() {
fun parseGatewayEndpointRejectsMdnsCleartextWsUrls() {
val parsed = parseGatewayEndpoint("ws://gateway.local:18789")
assertEquals(
GatewayEndpointConfig(
host = "gateway.local",
port = 18789,
tls = false,
displayUrl = "http://gateway.local:18789",
),
parsed,
)
assertNull(parsed)
}
@Test