mirror of
https://github.com/ergochat/ergo.git
synced 2025-01-10 12:12:37 +01:00
Merge pull request #185 from slingamn/proxypatch.1
tweaks to webirc functionality
This commit is contained in:
commit
10b4ec243b
@ -41,7 +41,7 @@ func (wc *webircConfig) Populate() (err error) {
|
|||||||
// WEBIRC <password> <gateway> <hostname> <ip> [:flag1 flag2=x flag3]
|
// WEBIRC <password> <gateway> <hostname> <ip> [:flag1 flag2=x flag3]
|
||||||
func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
||||||
// only allow unregistered clients to use this command
|
// only allow unregistered clients to use this command
|
||||||
if client.registered {
|
if client.registered || client.proxiedIP != "" {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -58,9 +58,12 @@ func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
|||||||
key = x
|
key = x
|
||||||
}
|
}
|
||||||
|
|
||||||
// only accept "tls" flag if the gateway's connection to us is secure as well
|
lkey := strings.ToLower(key)
|
||||||
if strings.ToLower(key) == "tls" && client.flags[TLS] {
|
if lkey == "tls" || lkey == "secure" {
|
||||||
secure = true
|
// only accept "tls" flag if the gateway's connection to us is secure as well
|
||||||
|
if client.flags[TLS] || utils.AddrIsLocal(client.socket.conn.RemoteAddr()) {
|
||||||
|
secure = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -93,7 +96,7 @@ func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
|||||||
// http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
|
// http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
|
||||||
func proxyHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
func proxyHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
||||||
// only allow unregistered clients to use this command
|
// only allow unregistered clients to use this command
|
||||||
if client.registered {
|
if client.registered || client.proxiedIP != "" {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -25,6 +25,17 @@ func AddrLookupHostname(addr net.Addr) string {
|
|||||||
return LookupHostname(IPString(addr))
|
return LookupHostname(IPString(addr))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// AddrIsLocal returns whether the address is from a trusted local connection (loopback or unix).
|
||||||
|
func AddrIsLocal(addr net.Addr) bool {
|
||||||
|
if tcpaddr, ok := addr.(*net.TCPAddr); ok {
|
||||||
|
return tcpaddr.IP.IsLoopback()
|
||||||
|
}
|
||||||
|
if _, ok := addr.(*net.UnixAddr); ok {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
// LookupHostname returns the hostname for `addr` if it has one. Otherwise, just returns `addr`.
|
// LookupHostname returns the hostname for `addr` if it has one. Otherwise, just returns `addr`.
|
||||||
func LookupHostname(addr string) string {
|
func LookupHostname(addr string) string {
|
||||||
names, err := net.LookupAddr(addr)
|
names, err := net.LookupAddr(addr)
|
||||||
|
Loading…
Reference in New Issue
Block a user