klink/sneedstr
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use only forwarded client IP

Browse source
This commit is contained in:
Tony Klink 2024-01-15 16:12:22 -06:00
parent 17932c8d7f
commit 5836ecc35e
Signed by: klink
GPG key ID: 85175567C4D19231
3 changed files with 8 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/relay/handler.rs
View file

@ -6,10 +6,7 @@ use warp::{Rejection, Reply};
pub async fn ws_handler( pub async fn ws_handler(
ws: warp::ws::Ws, ws: warp::ws::Ws,
context: Context, context: Context,
client_ip: Option<SocketAddr>,
real_client_ip: Option<SocketAddr>, real_client_ip: Option<SocketAddr>,
) -> Result<impl Reply, Rejection> { ) -> Result<impl Reply, Rejection> {
Ok(ws.on_upgrade(move |socket| { Ok(ws.on_upgrade(move |socket| ws::client_connection(socket, context, real_client_ip)))
ws::client_connection(socket, context, client_ip, real_client_ip)
}))
} }

14
src/relay/routes.rs
View file

@ -10,23 +10,11 @@ pub fn routes(context: Context) -> impl Filter<Extract = impl Reply, Error = Rej
} }
fn index(context: Context) -> impl Filter<Extract = impl Reply, Error = Rejection> + Clone { fn index(context: Context) -> impl Filter<Extract = impl Reply, Error = Rejection> + Clone {
let client_ip = warp::addr::remote(); let real_client_ip = warp::header::optional::<std::net::SocketAddr>("X-Real-IP");
let real_client_ip = warp::header::optional::<std::net::SocketAddr>("X-Real-IP")
.or(warp::header::optional::<std::net::SocketAddr>(
"X-Forwarded-For",
))
.unify()
.map(|ip: Option<std::net::SocketAddr>| {
// Get the IP from either header,
// and unify into the inner type.
ip
});
warp::path::end() warp::path::end()
.and(warp::ws()) .and(warp::ws())
.and(with_context(context)) .and(with_context(context))
.and(client_ip)
.and(real_client_ip) .and(real_client_ip)
.and_then(handler::ws_handler) .and_then(handler::ws_handler)
} }

11
src/relay/ws.rs
View file

@ -16,7 +16,6 @@ use futures_util::SinkExt;
pub async fn client_connection( pub async fn client_connection(
ws: WebSocket, ws: WebSocket,
context: Context, context: Context,
client_ip: Option<SocketAddr>,
real_client_ip: Option<SocketAddr>, real_client_ip: Option<SocketAddr>,
) { ) {
let (mut ws_sender, mut ws_receiver) = ws.split(); let (mut ws_sender, mut ws_receiver) = ws.split();
@ -25,10 +24,12 @@ pub async fn client_connection(
let mut client_receiver = UnboundedReceiverStream::new(client_receiver); let mut client_receiver = UnboundedReceiverStream::new(client_receiver);
// Create and Add to the Context new Client and set its sender // Create and Add to the Context new Client and set its sender
let ip = real_client_ip let ip = if real_client_ip.is_some() {
.unwrap_or(client_ip.unwrap()) real_client_ip.unwrap().to_string()
.ip() } else {
.to_string(); "".to_string()
};
let mut client = Client::new(ip); let mut client = Client::new(ip);
client.client_connection = Some(client_sender); client.client_connection = Some(client_sender);