proxmox-mirrors/pve-http-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-http-server synced 2025-05-02 00:02:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
138 Commits 5 Branches 0 Tags 1.3 MiB
Perl 98.2%
Makefile 1.8%
c6de5b3f2d
Go to file
Stoiko Ivanov c6de5b3f2d access control: correctly match v4-mapped-v6 addresses 
With recent changes to the listening socket code in pve-manager
the proxy daemons now usually bind to '::' and ipv4 clients are
read as v4-mapped-v6 addresses [0] from ::ffff:0:0/96.

This caused the allow_from/deny_from matching to break.

This patch addresses the issue by normalizing addresses from
::ffff:0:0/96 using Net::IP::ip_get_embedded_ipv4
(which roughly splits on ':' and checks if the last part looks like an
ipv4 address).

Issue was originally reported in our community forum [1]

[0] https://en.wikipedia.org/wiki/IPv6_address
[1] https://forum.proxmox.com/threads/my-pveproxy-file-doesnt-work.83228/

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2021-05-07 17:47:46 +02:00
debian bump version to 3.2-1 2021-04-23 13:54:14 +02:00
examples add a more complex demo 2017-01-21 16:08:36 +01:00
PVE/APIServer access control: correctly match v4-mapped-v6 addresses 2021-05-07 17:47:46 +02:00
.gitignore fixup no newline at end of .gitignore 2018-05-25 16:42:05 +02:00
Makefile re-use Debians jQuery and Bootstrap packages 2019-05-22 08:10:58 +02:00