3
0
mirror of https://github.com/ergochat/ergo.git synced 2025-01-05 09:32:32 +01:00

allow WEBIRC to set the TLS flag over local plaintext connections

This commit is contained in:
Shivaram Lingamneni 2018-01-31 21:07:57 -05:00
parent 09a17b32be
commit b7f66fb1de
2 changed files with 16 additions and 3 deletions

View File

@ -58,9 +58,11 @@ func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
key = x key = x
} }
// only accept "tls" flag if the gateway's connection to us is secure as well if strings.ToLower(key) == "tls" {
if strings.ToLower(key) == "tls" && client.flags[TLS] { // only accept "tls" flag if the gateway's connection to us is secure as well
secure = true if client.flags[TLS] || utils.AddrIsLocal(client.socket.conn.RemoteAddr()) {
secure = true
}
} }
} }
} }

View File

@ -25,6 +25,17 @@ func AddrLookupHostname(addr net.Addr) string {
return LookupHostname(IPString(addr)) return LookupHostname(IPString(addr))
} }
// AddrIsLocal returns whether the address is from a trusted local connection (loopback or unix).
func AddrIsLocal(addr net.Addr) bool {
if tcpaddr, ok := addr.(*net.TCPAddr); ok {
return tcpaddr.IP.IsLoopback()
}
if _, ok := addr.(*net.UnixAddr); ok {
return true
}
return false
}
// LookupHostname returns the hostname for `addr` if it has one. Otherwise, just returns `addr`. // LookupHostname returns the hostname for `addr` if it has one. Otherwise, just returns `addr`.
func LookupHostname(addr string) string { func LookupHostname(addr string) string {
names, err := net.LookupAddr(addr) names, err := net.LookupAddr(addr)