From c68b2b5a724b2d900ecfc8da47661144e4473206 Mon Sep 17 00:00:00 2001
From: Laurence
Date: Sat, 20 Jan 2024 17:45:32 +0000
Subject: [PATCH 1/3] Add trusted proxies property and find a solution to unix sockets

---
 config.example.yml | 4 ++++
 config/config.go | 2 ++
 router/router.go | 12 ++++++++++++
 3 files changed, 18 insertions(+)

diff --git a/config.example.yml b/config.example.yml
index 2cf2c35..46350d6 100644
--- a/config.example.yml
+++ b/config.example.yml
@@ -23,6 +23,10 @@ server:
 responseheaders: # response headers are added to every response (default: none)
 # X-Custom-Header: "custom value"
+#
+ trustedproxies: # IPs or IP ranges of trusted proxies. Used to obtain the remote ip via the X-Forwarded-For header. (configure 127.0.0.1 to trust sockets)
+# - 127.0.0.1/32
+# - ::1
 cors: # Sets cors headers only when needed and provides support for multiple allowed origins. Overrides Access-Control-* Headers in response headers.
 alloworigins:
diff --git a/config/config.go b/config/config.go
index a1410c1..a8fbc2f 100644
--- a/config/config.go
+++ b/config/config.go
@@ -39,6 +39,8 @@ type Configuration struct {
 AllowMethods []string
 AllowHeaders []string
 }
+
+ TrustedProxies []string
 }
 Database struct {
 Dialect string `default:"sqlite3"`
diff --git a/router/router.go b/router/router.go
index 228b672..01bcba3 100644
--- a/router/router.go
+++ b/router/router.go
@@ -27,6 +27,18 @@ import (
 func Create(db *database.GormDatabase, vInfo *model.VersionInfo, conf *config.Configuration) (*gin.Engine, func()) {
 g := gin.New()
+ if conf.Server.TrustedProxies != nil {
+ g.SetTrustedProxies(conf.Server.TrustedProxies)
+ g.ForwardedByClientIP = true
+ }
+
+ g.Use(func(ctx *gin.Context) {
+ // Map sockets "@" to 127.0.0.1, because gin-gonic can only trust IPs.
+ if ctx.Request.RemoteAddr == "@" {
+ ctx.Request.RemoteAddr = "127.0.0.1:65535"
+ }
+ })
+
 g.Use(gin.LoggerWithFormatter(logFormatter), gin.Recovery(), gerror.Handler(), location.Default())
 g.NoRoute(gerror.NotFound())
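Review bot: `g.SetTrustedProxies(conf.Server.TrustedProxies)` returns an error that the hunk drops, so a malformed `trustedproxies` entry (a mistyped CIDR, for instance) is never reported and, as far as I can tell from gin's behaviour, the engine then trusts no proxy and silently falls back to `RemoteAddr`; the same unchecked call is kept by patches 2/3 and 3/3. `Create` has no error result, so the smallest fix is to fail at startup, `if err := g.SetTrustedProxies(conf.Server.TrustedProxies); err != nil { panic(err) }`, or add an error return if callers can propagate it. The middleware that rewrites `RemoteAddr` from `"@"` to `127.0.0.1:65535` makes every unix-socket client indistinguishable from a loopback client, so listing `127.0.0.1` in `trustedproxies` trusts anyone who can connect to the socket to set `X-Forwarded-For`; the comment should say so, e.g. `// Socket clients become 127.0.0.1: trusting 127.0.0.1 trusts every process that can open the socket.` The body of `Create` continues past the end of the hunk.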
From 949e5df17e1cb7d56b86c6cb0b37d0a33e101bd0 Mon Sep 17 00:00:00 2001
From: Jannis Mattheis
Date: Sun, 4 Feb 2024 10:30:51 +0100
Subject: [PATCH 2/3] fix: always override default proxies

Gin trusts all proxies by default. This is a security problem.
---
 router/router.go | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/router/router.go b/router/router.go
index 01bcba3..dd7d6d2 100644
--- a/router/router.go
+++ b/router/router.go
@@ -27,10 +27,8 @@ import (
 func Create(db *database.GormDatabase, vInfo *model.VersionInfo, conf *config.Configuration) (*gin.Engine, func()) {
 g := gin.New()
- if conf.Server.TrustedProxies != nil {
- g.SetTrustedProxies(conf.Server.TrustedProxies)
- g.ForwardedByClientIP = true
- }
+ g.SetTrustedProxies(conf.Server.TrustedProxies)
+ g.ForwardedByClientIP = true
 g.Use(func(ctx *gin.Context) {
 // Map sockets "@" to 127.0.0.1, because gin-gonic can only trust IPs.

From 2953d758241c2847cb0fb2c94b4022bfdd52728d Mon Sep 17 00:00:00 2001
From: Jannis Mattheis
Date: Sun, 4 Feb 2024 10:31:49 +0100
Subject: [PATCH 3/3] fix: only use x-forwarded-for

---
 router/router.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/router/router.go b/router/router.go
index dd7d6d2..8b1d364 100644
--- a/router/router.go
+++ b/router/router.go
@@ -27,6 +27,7 @@ import (
 func Create(db *database.GormDatabase, vInfo *model.VersionInfo, conf *config.Configuration) (*gin.Engine, func()) {
 g := gin.New()
+ g.RemoteIPHeaders = []string{"X-Forwarded-For"}
 g.SetTrustedProxies(conf.Server.TrustedProxies)
 g.ForwardedByClientIP = true
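Review bot: The reason for dropping the nil guard lives only in the commit message; the now unconditional `g.SetTrustedProxies(conf.Server.TrustedProxies)` deserves a comment so the check is not reintroduced later, e.g. `// Always set, even when nil: gin's default is to trust every proxy, which would let any client pick its own address via X-Forwarded-For.` With a nil or empty list gin appears to trust no proxy and use RemoteAddr directly, which is the safe default for an unconfigured deployment. `g.ForwardedByClientIP = true` is gin's default value, so the assignment is redundant and could be dropped or marked as deliberate. The enclosing function continues past the end of the hunk.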
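Review bot: `g.RemoteIPHeaders = []string{"X-Forwarded-For"}` replaces gin's default header list, which as far as I recall also includes `X-Real-IP`, so a deployment whose proxy sets only `X-Real-IP` will now record the proxy's address as the client; that narrowing is intentional but undocumented in code. A one-line comment would make the intent explicit: `// Only X-Forwarded-For is consulted (gin's default also reads X-Real-IP); the trusted proxy must set it.` The `config.example.yml` comment added in patch 1/3 already names X-Forwarded-For, so the example stays consistent with this change. The enclosing function continues past the end of the hunk.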