
Prevent proxied ips of the wrong flavour to poison our clients

master
Dirk Engling 3 months ago
parent
commit
aca3ee0ac8
  1. 12
      ot_http.c

12
ot_http.c

@ -420,9 +420,17 @@ static ssize_t http_handle_announce( const int64 sock, struct ot_workstruct *ws, @@ -420,9 +420,17 @@ static ssize_t http_handle_announce( const int64 sock, struct ot_workstruct *ws,
if( accesslist_is_blessed( cookie->ip, OT_PERMISSION_MAY_PROXY ) ) {
ot_ip6 proxied_ip;
char *fwd = http_header( ws->request, ws->header_size, "x-forwarded-for" );
if( fwd && scan_ip6( fwd, proxied_ip ) )
if( fwd && scan_ip6( fwd, proxied_ip ) ) {
/* If proxy reports an ipv6 address but we can only handle v4 (or vice versa), bail out */
#ifndef WANT_V6
if( !ip6_isv4mapped(proxied_ip) )
#else
if( ip6_isv4mapped(proxied_ip) )
#endif
HTTPERROR_400_PARAM;
OT_SETIP( &ws->peer, proxied_ip );
else
} else
OT_SETIP( &ws->peer, cookie->ip );
} else
#endif
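Review bot: The new family check covers only the first address that `scan_ip6( fwd, proxied_ip )` parses from `x-forwarded-for`; nothing in the hunk inspects what follows that address. If the header holds a list (`client, proxy1, ...`), the value stored by `OT_SETIP( &ws->peer, proxied_ip )` is presumably the leftmost entry, which the original client controls unless the blessed proxy overwrites the header rather than appending to it. I would state that assumption next to the check, for example `/* Relies on the blessed proxy overwriting X-Forwarded-For: only the first address is parsed, anything after it is ignored */`. Separately, the preprocessor-selected `if` has `HTTPERROR_400_PARAM;` as an unbraced body, which is only correct if that macro (defined outside this hunk) expands to a single statement; writing `{ HTTPERROR_400_PARAM; }` after the `#endif` removes that dependency. The body of `http_handle_announce` starts and ends outside the hunk, so later handling of `ws->peer` is not visible here.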
