Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge commit 'refs/pull/349/head' of github.com:znc/znc

  • Loading branch information...
commit ccbc4691685f3b7cb7a6dcdd53c0261deb1a2891 2 parents 2a7bc29 + 7ee853a
@DarthGandalf DarthGandalf authored
View
1  include/znc/HTTPSock.h
@@ -111,6 +111,7 @@ class CHTTPSock : public CSocket {
CString m_sPass;
CString m_sContentType;
CString m_sDocRoot;
+ CString m_sForwardedIP;
std::map<CString, VCString> m_msvsPOSTParams;
std::map<CString, VCString> m_msvsGETParams;
MCString m_msHeaders;
View
1  include/znc/WebModules.h
@@ -130,6 +130,7 @@ class CWebSock : public CHTTPSock {
CSmartPtr<CWebSession> GetSession();
+ virtual CString GetRemoteIP();
virtual Csock* GetSockObj(const CString& sHost, unsigned short uPort);
static CString GetSkinPath(const CString& sSkinName);
CModule* GetModule() const { return (CModule*) m_pModule; }
View
5 include/znc/znc.h
@@ -66,6 +66,9 @@ class CZNC {
void ClearBindHosts();
bool AddBindHost(const CString& sHost);
bool RemBindHost(const CString& sHost);
+ void ClearAllowProxy();
+ bool AddAllowProxy(const CString& sHost);
+ bool RemAllowProxy(const CString& sHost);
void Broadcast(const CString& sMessage, bool bAdminOnly = false,
CUser* pSkipUser = NULL, CClient* pSkipClient = NULL);
void AddBytesRead(unsigned long long u) { m_uBytesRead += u; }
@@ -117,6 +120,7 @@ class CZNC {
const CString& GetConfigFile() const { return m_sConfigFile; }
bool WritePemFile();
const VCString& GetBindHosts() const { return m_vsBindHosts; }
+ const VCString& GetAllowProxies() const { return m_vsAllowProxies; }
const std::vector<CListener*>& GetListeners() const { return m_vpListeners; }
time_t TimeStarted() const { return m_TimeStarted; }
unsigned int GetMaxBufferSize() const { return m_uiMaxBufferSize; }
@@ -204,6 +208,7 @@ class CZNC {
CString m_sPidFile;
CString m_sSSLCertFile;
VCString m_vsBindHosts;
+ VCString m_vsAllowProxies;
VCString m_vsMotd;
CFile* m_pLockFile;
unsigned int m_uiConnectDelay;
View
2  src/HTTPSock.cpp
@@ -127,6 +127,8 @@ void CHTTPSock::ReadLine(const CString& sData) {
m_uPostLen = sLine.Token(1).ToULong();
if (m_uPostLen > MAX_POST_SIZE)
PrintErrorPage(413, "Request Entity Too Large", "The request you sent was too large.");
+ } else if (sName.Equals("X-Forwarded-For:")) {
+ m_sForwardedIP = sLine.Token(1).TrimRight_n(",");
} else if (sName.Equals("If-None-Match:")) {
// this is for proper client cache support (HTTP 304) on static files:
m_sIfNoneMatch = sLine.Token(1, true);
View
15 src/WebModules.cpp
@@ -866,6 +866,21 @@ bool CWebSock::OnLogin(const CString& sUser, const CString& sPass) {
return IsLoggedIn();
}
+CString CWebSock::GetRemoteIP()
+{
+ const VCString& vsProxies = CZNC::Get().GetAllowProxies();
+ CString sIP = CHTTPSock::GetRemoteIP();
+
+ VCString::const_iterator it;
+ for (it = vsProxies.begin(); it != vsProxies.end(); ++it) {
+ if (sIP.WildCmp(*it)) {
+ return m_sForwardedIP;
+ }
+ }
+
+ return sIP;
+}
+
Csock* CWebSock::GetSockObj(const CString& sHost, unsigned short uPort) {
// All listening is done by CListener, thus CWebSock should never have
// to listen, but since GetSockObj() is pure virtual...
View
42 src/znc.cpp
@@ -484,6 +484,10 @@ bool CZNC::WriteConfig() {
config.AddKeyValuePair("BindHost", m_vsBindHosts[v].FirstLine());
}
+ for (unsigned int v = 0; v < m_vsAllowProxies.size(); v++) {
+ config.AddKeyValuePair("AllowProxy", m_vsAllowProxies[v].FirstLine());
+ }
+
CModules& Mods = GetModules();
for (unsigned int a = 0; a < Mods.size(); a++) {
@@ -1110,6 +1114,7 @@ bool CZNC::DoRehash(CString& sError)
}
m_vsBindHosts.clear();
+ m_vsAllowProxies.clear();
m_vsMotd.clear();
// Delete all listeners
@@ -1203,6 +1208,12 @@ bool CZNC::DoRehash(CString& sError)
for (vit = vsList.begin(); vit != vsList.end(); ++vit) {
AddBindHost(*vit);
}
+
+ config.FindStringVector("allowproxy", vsList);
+ for (vit = vsList.begin(); vit != vsList.end(); ++vit) {
+ AddAllowProxy(*vit);
+ }
+
config.FindStringVector("vhost", vsList);
for (vit = vsList.begin(); vit != vsList.end(); ++vit) {
AddBindHost(*vit);
@@ -1426,6 +1437,37 @@ bool CZNC::RemBindHost(const CString& sHost) {
return false;
}
+void CZNC::ClearAllowProxy() {
+ m_vsAllowProxies.clear();
+}
+
+bool CZNC::AddAllowProxy(const CString& sHost) {
+ if (sHost.empty()) {
+ return false;
+ }
+
+ for (unsigned int a = 0; a < m_vsAllowProxies.size(); a++) {
+ if (m_vsAllowProxies[a].Equals(sHost)) {
+ return false;
+ }
+ }
+
+ m_vsAllowProxies.push_back(sHost);
+ return true;
+}
+
+bool CZNC::RemAllowProxy(const CString& sHost) {
+ VCString::iterator it;
+ for (it = m_vsAllowProxies.begin(); it != m_vsAllowProxies.end(); ++it) {
+ if (sHost.Equals(*it)) {
+ m_vsAllowProxies.erase(it);
+ return true;
+ }
+ }
+
+ return false;
+}
+
void CZNC::Broadcast(const CString& sMessage, bool bAdminOnly,
CUser* pSkipUser, CClient *pSkipClient) {
for (map<CString,CUser*>::iterator a = m_msUsers.begin(); a != m_msUsers.end(); ++a) {
Please sign in to comment.
Something went wrong with that request. Please try again.