Use ForwardedIpUtil everywhere we're handling X-Forwarded-For values.
This commit is contained in:
parent
07886a9722
commit
738ec2a38e
|
@ -71,6 +71,7 @@ import org.whispersystems.textsecuregcm.storage.MessagesManager;
|
||||||
import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
|
import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
|
||||||
import org.whispersystems.textsecuregcm.storage.UsernamesManager;
|
import org.whispersystems.textsecuregcm.storage.UsernamesManager;
|
||||||
import org.whispersystems.textsecuregcm.util.Constants;
|
import org.whispersystems.textsecuregcm.util.Constants;
|
||||||
|
import org.whispersystems.textsecuregcm.util.ForwardedIpUtil;
|
||||||
import org.whispersystems.textsecuregcm.util.Hex;
|
import org.whispersystems.textsecuregcm.util.Hex;
|
||||||
import org.whispersystems.textsecuregcm.util.Util;
|
import org.whispersystems.textsecuregcm.util.Util;
|
||||||
import org.whispersystems.textsecuregcm.util.VerificationCode;
|
import org.whispersystems.textsecuregcm.util.VerificationCode;
|
||||||
|
@ -198,10 +199,7 @@ public class AccountController {
|
||||||
transport = "voice";
|
transport = "voice";
|
||||||
}
|
}
|
||||||
|
|
||||||
String requester = Arrays.stream(forwardedFor.split(","))
|
String requester = ForwardedIpUtil.getMostRecentProxy(forwardedFor).orElseThrow();
|
||||||
.map(String::trim)
|
|
||||||
.reduce((a, b) -> b)
|
|
||||||
.orElseThrow();
|
|
||||||
|
|
||||||
Optional<StoredVerificationCode> storedChallenge = pendingAccounts.getCodeForNumber(number);
|
Optional<StoredVerificationCode> storedChallenge = pendingAccounts.getCodeForNumber(number);
|
||||||
CaptchaRequirement requirement = requiresCaptcha(number, transport, forwardedFor, requester, captcha, storedChallenge, pushChallenge);
|
CaptchaRequirement requirement = requiresCaptcha(number, transport, forwardedFor, requester, captcha, storedChallenge, pushChallenge);
|
||||||
|
|
|
@ -74,6 +74,7 @@ import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
|
||||||
import org.whispersystems.textsecuregcm.storage.MessagesManager;
|
import org.whispersystems.textsecuregcm.storage.MessagesManager;
|
||||||
import org.whispersystems.textsecuregcm.util.Base64;
|
import org.whispersystems.textsecuregcm.util.Base64;
|
||||||
import org.whispersystems.textsecuregcm.util.Constants;
|
import org.whispersystems.textsecuregcm.util.Constants;
|
||||||
|
import org.whispersystems.textsecuregcm.util.ForwardedIpUtil;
|
||||||
import org.whispersystems.textsecuregcm.util.Util;
|
import org.whispersystems.textsecuregcm.util.Util;
|
||||||
import org.whispersystems.textsecuregcm.util.ua.UnrecognizedUserAgentException;
|
import org.whispersystems.textsecuregcm.util.ua.UnrecognizedUserAgentException;
|
||||||
import org.whispersystems.textsecuregcm.util.ua.UserAgentUtil;
|
import org.whispersystems.textsecuregcm.util.ua.UserAgentUtil;
|
||||||
|
@ -265,7 +266,12 @@ public class MessageController {
|
||||||
|
|
||||||
if (StringUtils.isAllBlank(masterDevice.getApnId(), masterDevice.getVoipApnId(), masterDevice.getGcmId()) || masterDevice.getUninstalledFeedbackTimestamp() > 0) {
|
if (StringUtils.isAllBlank(masterDevice.getApnId(), masterDevice.getVoipApnId(), masterDevice.getGcmId()) || masterDevice.getUninstalledFeedbackTimestamp() > 0) {
|
||||||
if (dynamicConfigurationManager.getConfiguration().getMessageRateConfiguration().getRateLimitedCountryCodes().contains(senderCountryCode)) {
|
if (dynamicConfigurationManager.getConfiguration().getMessageRateConfiguration().getRateLimitedCountryCodes().contains(senderCountryCode)) {
|
||||||
if (dynamicConfigurationManager.getConfiguration().getMessageRateConfiguration().getRateLimitedHosts().contains(forwardedFor)) {
|
|
||||||
|
final boolean isRateLimitedHost = ForwardedIpUtil.getMostRecentProxy(forwardedFor)
|
||||||
|
.map(proxy -> dynamicConfigurationManager.getConfiguration().getMessageRateConfiguration().getRateLimitedHosts().contains(proxy))
|
||||||
|
.orElse(false);
|
||||||
|
|
||||||
|
if (isRateLimitedHost) {
|
||||||
return declineDelivery(messages, source.get(), destination.get());
|
return declineDelivery(messages, source.get(), destination.get());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -566,15 +572,15 @@ public class MessageController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@VisibleForTesting
|
@VisibleForTesting
|
||||||
void recordInternationalUnsealedSenderMetrics(final String senderIp, final String senderCountryCode, final String destinationNumber) {
|
void recordInternationalUnsealedSenderMetrics(final String forwardedFor, final String senderCountryCode, final String destinationNumber) {
|
||||||
{
|
ForwardedIpUtil.getMostRecentProxy(forwardedFor).ifPresent(senderIp -> {
|
||||||
final String destinationSetKey = getDestinationSetKey(senderIp);
|
final String destinationSetKey = getDestinationSetKey(senderIp);
|
||||||
final String messageCountKey = getMessageCountKey(senderIp);
|
final String messageCountKey = getMessageCountKey(senderIp);
|
||||||
|
|
||||||
recordInternationalUnsealedSenderMetricsScript.execute(
|
recordInternationalUnsealedSenderMetricsScript.execute(
|
||||||
List.of(destinationSetKey, messageCountKey),
|
List.of(destinationSetKey, messageCountKey),
|
||||||
List.of(destinationNumber));
|
List.of(destinationNumber));
|
||||||
}
|
});
|
||||||
|
|
||||||
Metrics.counter(INTERNATIONAL_UNSEALED_SENDER_COUNTER_NAME, SENDER_COUNTRY_TAG_NAME, senderCountryCode).increment();
|
Metrics.counter(INTERNATIONAL_UNSEALED_SENDER_COUNTER_NAME, SENDER_COUNTRY_TAG_NAME, senderCountryCode).increment();
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue