phoenix/weblug
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add check for empty address

Browse source 
Adds a check for an empty source address. This should in principle never
happen, but this additional check will ensure, that in such cases we
dont' allow something that should be blocked.
This commit is contained in:
Felix Niederwanger 2023-04-22 10:59:06 +02:00
parent bb075137cb
commit 213135f6d7
Signed by: phoenix
GPG key ID: 6E77A590E3F6D71C
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
cmd/weblug/hook.go
View file

@ -130,6 +130,16 @@ func cidr(addr string) string {
// IsAddressAllowed checks if the hook allows the given address. An address is allowed, if it is present in the AllowAddresses list (if non-empty) and if it is not present in the BlockedAddresses list (if non-empty)
func (hook *Hook) IsAddressAllowed(addr string) (bool, error) {
if addr == "" {
// If we cannot determine the source address, but there are element in either the Allow or the Block list, the only safe thing we can do is to reject
if hook.AllowAddresses != nil && len(hook.AllowAddresses) > 0 {
return false, fmt.Errorf("no source address")
}
if hook.BlockedAddresses != nil && len(hook.BlockedAddresses) > 0 {
return false, fmt.Errorf("no source address")
}
}
addr = cidr(addr)
if hook.AllowAddresses != nil && len(hook.AllowAddresses) > 0 {
// If AllowAddresses is defined and not empty, the given addr must be in the AllowAddresses list