aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorFrancis Lavoie <[email protected]>2024-05-30 09:32:17 -0400
committerGitHub <[email protected]>2024-05-30 07:32:17 -0600
commit40c582ce8273bf12b08e8e77df6498bca5f626a6 (patch)
tree1865dfd837568e51e22a00651c83da0288bef302
parenta52917a37dcc40eda1ff5034103d4a89883de2aa (diff)
downloadcaddy-40c582ce8273bf12b08e8e77df6498bca5f626a6.tar.gz
caddy-40c582ce8273bf12b08e8e77df6498bca5f626a6.zip
caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers (#6350)v2.8.1
-rw-r--r--caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest48
-rw-r--r--modules/caddyhttp/ip_matchers.go44
2 files changed, 72 insertions, 20 deletions
diff --git a/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest b/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest
index 0ccee395c..efb66cf2c 100644
--- a/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest
+++ b/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest
@@ -46,6 +46,18 @@
@matcher12 client_ip private_ranges
respond @matcher12 "client_ip matcher with private ranges"
+
+ @matcher13 {
+ remote_ip 1.1.1.1
+ remote_ip 2.2.2.2
+ }
+ respond @matcher13 "remote_ip merged"
+
+ @matcher14 {
+ client_ip 1.1.1.1
+ client_ip 2.2.2.2
+ }
+ respond @matcher14 "client_ip merged"
}
----------
{
@@ -279,6 +291,42 @@
"handler": "static_response"
}
]
+ },
+ {
+ "match": [
+ {
+ "remote_ip": {
+ "ranges": [
+ "1.1.1.1",
+ "2.2.2.2"
+ ]
+ }
+ }
+ ],
+ "handle": [
+ {
+ "body": "remote_ip merged",
+ "handler": "static_response"
+ }
+ ]
+ },
+ {
+ "match": [
+ {
+ "client_ip": {
+ "ranges": [
+ "1.1.1.1",
+ "2.2.2.2"
+ ]
+ }
+ }
+ ],
+ "handle": [
+ {
+ "body": "client_ip merged",
+ "handler": "static_response"
+ }
+ ]
}
]
}
diff --git a/modules/caddyhttp/ip_matchers.go b/modules/caddyhttp/ip_matchers.go
index 00d17487c..baa7c51ce 100644
--- a/modules/caddyhttp/ip_matchers.go
+++ b/modules/caddyhttp/ip_matchers.go
@@ -72,19 +72,21 @@ func (MatchRemoteIP) CaddyModule() caddy.ModuleInfo {
// UnmarshalCaddyfile implements caddyfile.Unmarshaler.
func (m *MatchRemoteIP) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
- d.Next() // consume matcher name
- for d.NextArg() {
- if d.Val() == "forwarded" {
- return d.Err("the 'forwarded' option is no longer supported; use the 'client_ip' matcher instead")
+ // iterate to merge multiple matchers into one
+ for d.Next() {
+ for d.NextArg() {
+ if d.Val() == "forwarded" {
+ return d.Err("the 'forwarded' option is no longer supported; use the 'client_ip' matcher instead")
+ }
+ if d.Val() == "private_ranges" {
+ m.Ranges = append(m.Ranges, PrivateRangesCIDR()...)
+ continue
+ }
+ m.Ranges = append(m.Ranges, d.Val())
}
- if d.Val() == "private_ranges" {
- m.Ranges = append(m.Ranges, PrivateRangesCIDR()...)
- continue
+ if d.NextBlock(0) {
+ return d.Err("malformed remote_ip matcher: blocks are not supported")
}
- m.Ranges = append(m.Ranges, d.Val())
- }
- if d.NextBlock(0) {
- return d.Err("malformed remote_ip matcher: blocks are not supported")
}
return nil
}
@@ -164,16 +166,18 @@ func (MatchClientIP) CaddyModule() caddy.ModuleInfo {
// UnmarshalCaddyfile implements caddyfile.Unmarshaler.
func (m *MatchClientIP) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
- d.Next() // consume matcher name
- for d.NextArg() {
- if d.Val() == "private_ranges" {
- m.Ranges = append(m.Ranges, PrivateRangesCIDR()...)
- continue
+ // iterate to merge multiple matchers into one
+ for d.Next() {
+ for d.NextArg() {
+ if d.Val() == "private_ranges" {
+ m.Ranges = append(m.Ranges, PrivateRangesCIDR()...)
+ continue
+ }
+ m.Ranges = append(m.Ranges, d.Val())
+ }
+ if d.NextBlock(0) {
+ return d.Err("malformed client_ip matcher: blocks are not supported")
}
- m.Ranges = append(m.Ranges, d.Val())
- }
- if d.NextBlock(0) {
- return d.Err("malformed client_ip matcher: blocks are not supported")
}
return nil
}