--forwarded-allow-ips '*' broken in combination with gunicorn

[andreas-sch-b]

I'm running uvicorn in combination with gunicorn like this:

gunicorn -k uvicorn.workers.UvicornWorker --forwarded-allow-ips "*" ....

This worked well with the 0.30.6, however it's broken with the 0.31.0 of uvicorn. The issue got introduced with the PR [1]. The problem is, that the check for the wildcard changed. In the old version there was a check like "*" in trusted_hosts. The new code now checks for trusted_hosts == "*" which causes the problem.

[1] #2468

[theyashl]

Small reproducible example for above issue:

from uvicorn.workers import UvicornWorker
import gunicorn.app.base


async def app(scope, receive, send):
    assert scope['type'] == 'http'

    await send({
        'type': 'http.response.start',
        'status': 200,
        'headers': [
            (b'content-type', b'text/plain'),
        ],
    })
    await receive()
    await send({
        'type': 'http.response.body',
        'body': b'{"status": "ok"}',
    })


class StandaloneApplication(gunicorn.app.base.BaseApplication):

    def __init__(self, app, options=None):
        self.options = options or {}
        self.application = app
        super().__init__()

    def load_config(self):
        config = {key: value for key, value in self.options.items()
                  if key in self.cfg.settings and value is not None}
        for key, value in config.items():
            self.cfg.set(key.lower(), value)

    def load(self):
        return self.application


if __name__ == '__main__':
    options = {
        'bind': '%s:%s' % ('127.0.0.1', '8080'),
        'workers': 1,
        'worker_class': UvicornWorker,
        'forwarded_allow_ips': "*"
    }
    StandaloneApplication(app, options).run()

upon executing the above application, always_trust flag of _TrustedHosts will not be set to True even after marking forwarded_allow_ips as *. Making "*" to insert inside trusted_literals.

[andreas-sch-b]

bug fixed #2477