Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Real IP logic #2550

Merged
merged 2 commits into from
Mar 10, 2024
Merged

Fix Real IP logic #2550

merged 2 commits into from
Mar 10, 2024

Conversation

cl-bvl
Copy link
Contributor

@cl-bvl cl-bvl commented Nov 27, 2023

Hello.
This fix for realIP logic.
We should check for trusting not real IP, but RemoteIP, who sends the request.
For example, we have a client - 1.1.1.1 and LB - 8.8.8.8.
LB are trusting, all requests sended by it have X-Real-Ip header with client IP and we should extract it from headers.
We should not extract RealIP from requests sended from another hosts (not our LB).
Current implementation checking client IP for trusting, but it's incorrect.

@cl-bvl cl-bvl changed the title Fix realIP logic Fix Real IP logic Nov 27, 2023
@cl-bvl
Copy link
Contributor Author

cl-bvl commented Dec 1, 2023

Hello.
Can you please review this changes

@aldas
Copy link
Contributor

aldas commented Dec 3, 2023

Is cause by #1834

@aldas
Copy link
Contributor

aldas commented Dec 3, 2023

Maybe something like that would be better

In case X-Real-Ip header is present we check if we can trust Request.RemoteAddr and If we can -we will use X-Real-Ip value. Also we parse X-Real-Ip value just to be sure it is valid IP.

// ExtractIPFromRealIPHeader extracts IP address using X-Real-Ip header only when we trust Request.RemoteAddr IP.
// Use this if you put proxy which uses this header.
func ExtractIPFromRealIPHeader(options ...TrustOption) IPExtractor {
	checker := newIPChecker(options)
	return func(req *http.Request) string {
		directIP := extractIP(req)
		realIP := req.Header.Get(HeaderXRealIP)
		if realIP != "" {
			if dIP := net.ParseIP(directIP); dIP != nil && checker.trust(dIP) {
				realIP = strings.TrimPrefix(realIP, "[")
				realIP = strings.TrimSuffix(realIP, "]")
				if rIP := net.ParseIP(realIP); rIP != nil {
					return realIP
				}
			}
		}
		return directIP
	}
}

p.s. Do not forget to make TestExtractIPFromRealIPHeader tests fail with current implementation and then add fixed implementation that should now pass these modified tests. If there are no failing tests then please add at lease one.

@aldas aldas added the bug label Dec 3, 2023
@cl-bvl
Copy link
Contributor Author

cl-bvl commented Dec 5, 2023

Hello, thanks.
The tests are fixed. Now it's failing on master code and passes on fixed version.

Copy link

codecov bot commented Dec 20, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (584cb85) 92.89% compared to head (92a8221) 92.90%.
Report is 4 commits behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #2550   +/-   ##
=======================================
  Coverage   92.89%   92.90%           
=======================================
  Files          39       39           
  Lines        4658     4662    +4     
=======================================
+ Hits         4327     4331    +4     
  Misses        240      240           
  Partials       91       91           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@codercms
Copy link

@aldas is there any chance to get this changes merged?
Current X-Real-IP logic is really frustrating because it checks client IP extracted from X-Real-IP header, but it should check direct IP for trust.

@aldas aldas merged commit a3b0ba2 into labstack:master Mar 10, 2024
16 checks passed
@aldas
Copy link
Contributor

aldas commented Mar 10, 2024

alright, done. I look this issue couple weeks ago but did not want to merge because I did not remember how this IP worked. Fortunately we have fairly good explanations at the beggining of ip.go. I do not want to merge stuff that I do not remember how it should work.

nono referenced this pull request in cozy/cozy-stack Apr 22, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/labstack/echo/v4](https://github.com/labstack/echo) |
`v4.11.4` -> `v4.12.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2flabstack%2fecho%2fv4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2flabstack%2fecho%2fv4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2flabstack%2fecho%2fv4/v4.11.4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2flabstack%2fecho%2fv4/v4.11.4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>labstack/echo (github.com/labstack/echo/v4)</summary>

###
[`v4.12.0`](https://github.com/labstack/echo/blob/HEAD/CHANGELOG.md#v4120---2024-04-15)

[Compare
Source](https://github.com/labstack/echo/compare/v4.11.4...v4.12.0)

**Security**

- Update golang.org/x/net dep because of
[GO-2024-2687](https://pkg.go.dev/vuln/GO-2024-2687) by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2625](https://github.com/labstack/echo/pull/2625)

**Enhancements**

- binder: make binding to Map work better with string destinations by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2554](https://github.com/labstack/echo/pull/2554)
- README.md: add Encore as sponsor by
[@&#8203;marcuskohlberg](https://github.com/marcuskohlberg) in
[https://github.com/labstack/echo/pull/2579](https://github.com/labstack/echo/pull/2579)
- Reorder paragraphs in README.md by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2581](https://github.com/labstack/echo/pull/2581)
- CI: upgrade actions/checkout to v4 by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2584](https://github.com/labstack/echo/pull/2584)
- Remove default charset from 'application/json' Content-Type header by
[@&#8203;doortts](https://github.com/doortts) in
[https://github.com/labstack/echo/pull/2568](https://github.com/labstack/echo/pull/2568)
- CI: Use Go 1.22 by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2588](https://github.com/labstack/echo/pull/2588)
- binder: allow binding to a nil map by
[@&#8203;georgmu](https://github.com/georgmu) in
[https://github.com/labstack/echo/pull/2574](https://github.com/labstack/echo/pull/2574)
- Add Skipper Unit Test In BasicBasicAuthConfig and Add More Detail
Explanation regarding BasicAuthValidator by
[@&#8203;RyoKusnadi](https://github.com/RyoKusnadi) in
[https://github.com/labstack/echo/pull/2461](https://github.com/labstack/echo/pull/2461)
- fix some typos by
[@&#8203;teslaedison](https://github.com/teslaedison) in
[https://github.com/labstack/echo/pull/2603](https://github.com/labstack/echo/pull/2603)
- fix: some typos by [@&#8203;pomadev](https://github.com/pomadev) in
[https://github.com/labstack/echo/pull/2596](https://github.com/labstack/echo/pull/2596)
- Allow ResponseWriters to unwrap writers when flushing/hijacking by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2595](https://github.com/labstack/echo/pull/2595)
- Add SPDX licence comments to files. by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2604](https://github.com/labstack/echo/pull/2604)
- Upgrade deps by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2605](https://github.com/labstack/echo/pull/2605)
- Change type definition blocks to single declarations. This helps copy…
by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2606](https://github.com/labstack/echo/pull/2606)
- Fix Real IP logic by [@&#8203;cl-bvl](https://github.com/cl-bvl) in
[https://github.com/labstack/echo/pull/2550](https://github.com/labstack/echo/pull/2550)
- Default binder can use `UnmarshalParams(params []string) error` inter…
by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2607](https://github.com/labstack/echo/pull/2607)
- Default binder can bind pointer to slice as struct field. For example
`*[]string` by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2608](https://github.com/labstack/echo/pull/2608)
- Remove maxparam dependence from Context by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2611](https://github.com/labstack/echo/pull/2611)
- When route is registered with empty path it is normalized to `/`. by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2616](https://github.com/labstack/echo/pull/2616)
- proxy middleware should use httputil.ReverseProxy for SSE requests by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2624](https://github.com/labstack/echo/pull/2624)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on Monday" in timezone
Europe/Paris, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cozy/cozy-stack).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
github-merge-queue bot referenced this pull request in infratographer/x Aug 8, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/labstack/echo/v4](https://github.com/labstack/echo) |
`v4.11.4` -> `v4.12.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2flabstack%2fecho%2fv4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2flabstack%2fecho%2fv4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2flabstack%2fecho%2fv4/v4.11.4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2flabstack%2fecho%2fv4/v4.11.4/v4.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>labstack/echo (github.com/labstack/echo/v4)</summary>

###
[`v4.12.0`](https://github.com/labstack/echo/blob/HEAD/CHANGELOG.md#v4120---2024-04-15)

[Compare
Source](https://github.com/labstack/echo/compare/v4.11.4...v4.12.0)

**Security**

- Update golang.org/x/net dep because of
[GO-2024-2687](https://pkg.go.dev/vuln/GO-2024-2687) by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2625](https://github.com/labstack/echo/pull/2625)

**Enhancements**

- binder: make binding to Map work better with string destinations by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2554](https://github.com/labstack/echo/pull/2554)
- README.md: add Encore as sponsor by
[@&#8203;marcuskohlberg](https://github.com/marcuskohlberg) in
[https://github.com/labstack/echo/pull/2579](https://github.com/labstack/echo/pull/2579)
- Reorder paragraphs in README.md by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2581](https://github.com/labstack/echo/pull/2581)
- CI: upgrade actions/checkout to v4 by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2584](https://github.com/labstack/echo/pull/2584)
- Remove default charset from 'application/json' Content-Type header by
[@&#8203;doortts](https://github.com/doortts) in
[https://github.com/labstack/echo/pull/2568](https://github.com/labstack/echo/pull/2568)
- CI: Use Go 1.22 by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2588](https://github.com/labstack/echo/pull/2588)
- binder: allow binding to a nil map by
[@&#8203;georgmu](https://github.com/georgmu) in
[https://github.com/labstack/echo/pull/2574](https://github.com/labstack/echo/pull/2574)
- Add Skipper Unit Test In BasicBasicAuthConfig and Add More Detail
Explanation regarding BasicAuthValidator by
[@&#8203;RyoKusnadi](https://github.com/RyoKusnadi) in
[https://github.com/labstack/echo/pull/2461](https://github.com/labstack/echo/pull/2461)
- fix some typos by
[@&#8203;teslaedison](https://github.com/teslaedison) in
[https://github.com/labstack/echo/pull/2603](https://github.com/labstack/echo/pull/2603)
- fix: some typos by [@&#8203;pomadev](https://github.com/pomadev) in
[https://github.com/labstack/echo/pull/2596](https://github.com/labstack/echo/pull/2596)
- Allow ResponseWriters to unwrap writers when flushing/hijacking by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2595](https://github.com/labstack/echo/pull/2595)
- Add SPDX licence comments to files. by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2604](https://github.com/labstack/echo/pull/2604)
- Upgrade deps by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2605](https://github.com/labstack/echo/pull/2605)
- Change type definition blocks to single declarations. This helps copy…
by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2606](https://github.com/labstack/echo/pull/2606)
- Fix Real IP logic by [@&#8203;cl-bvl](https://github.com/cl-bvl) in
[https://github.com/labstack/echo/pull/2550](https://github.com/labstack/echo/pull/2550)
- Default binder can use `UnmarshalParams(params []string) error` inter…
by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2607](https://github.com/labstack/echo/pull/2607)
- Default binder can bind pointer to slice as struct field. For example
`*[]string` by [@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2608](https://github.com/labstack/echo/pull/2608)
- Remove maxparam dependence from Context by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2611](https://github.com/labstack/echo/pull/2611)
- When route is registered with empty path it is normalized to `/`. by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2616](https://github.com/labstack/echo/pull/2616)
- proxy middleware should use httputil.ReverseProxy for SSE requests by
[@&#8203;aldas](https://github.com/aldas) in
[https://github.com/labstack/echo/pull/2624](https://github.com/labstack/echo/pull/2624)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job log](https://developer.mend.io/github/infratographer/x).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQzOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

---------

Signed-off-by: Mike Mason <mimason@equinix.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mike Mason <mimason@equinix.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants