Don't accept any IP as a proxy by default

It's too easy to setup a reverse proxy which doesn't support the PROXY
protocol, or lets the X-Forwarded-For header fields pass through.
Disable this by default.

To restore the previous behaviour, add `accept-proxy-ip localhost` to
the config file.
This commit is contained in:
Simon Ser 2020-10-25 18:22:12 +01:00
parent 24d8f2167b
commit 88d241fd1d
No known key found for this signature in database
GPG Key ID: 0FDE7BE0E88F5E48
2 changed files with 9 additions and 6 deletions

View File

@ -55,7 +55,6 @@ func Defaults() *Server {
Hostname: hostname,
SQLDriver: "sqlite3",
SQLSource: "soju.db",
AcceptProxyIPs: loopbackIPs,
}
}
@ -100,6 +99,10 @@ func parse(cfg scfg.Block) (*Server, error) {
case "accept-proxy-ip":
srv.AcceptProxyIPs = nil
for _, s := range d.Params {
if s == "localhost" {
srv.AcceptProxyIPs = append(srv.AcceptProxyIPs, loopbackIPs...)
continue
}
_, n, err := net.ParseCIDR(s)
if err != nil {
return nil, fmt.Errorf("directive %q: failed to parse CIDR: %v", d.Name, err)

View File

@ -114,8 +114,8 @@ The following directives are supported:
*accept-proxy-ip* <cidr...>
Allow the specified IPs to act as a proxy. Proxys have the ability to
overwrite the remote and local connection addresses (via the X-Forwarded-\*
HTTP header fields). By default, the loopback addresses 127.0.0.0/8 and
::1/128 are accepted.
HTTP header fields). The special name "localhost" accepts the loopback
addresses 127.0.0.0/8 and ::1/128. By default, all IPs are rejected.
# IRC SERVICE