diff options
author | Francis Lavoie <[email protected]> | 2024-05-30 09:32:17 -0400 |
---|---|---|
committer | GitHub <[email protected]> | 2024-05-30 07:32:17 -0600 |
commit | 40c582ce8273bf12b08e8e77df6498bca5f626a6 (patch) | |
tree | 1865dfd837568e51e22a00651c83da0288bef302 | |
parent | a52917a37dcc40eda1ff5034103d4a89883de2aa (diff) | |
download | caddy-40c582ce8273bf12b08e8e77df6498bca5f626a6.tar.gz caddy-40c582ce8273bf12b08e8e77df6498bca5f626a6.zip |
caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers (#6350)v2.8.1
-rw-r--r-- | caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest | 48 | ||||
-rw-r--r-- | modules/caddyhttp/ip_matchers.go | 44 |
2 files changed, 72 insertions, 20 deletions
diff --git a/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest b/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest index 0ccee395c..efb66cf2c 100644 --- a/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest +++ b/caddytest/integration/caddyfile_adapt/matcher_syntax.caddyfiletest @@ -46,6 +46,18 @@ @matcher12 client_ip private_ranges respond @matcher12 "client_ip matcher with private ranges" + + @matcher13 { + remote_ip 1.1.1.1 + remote_ip 2.2.2.2 + } + respond @matcher13 "remote_ip merged" + + @matcher14 { + client_ip 1.1.1.1 + client_ip 2.2.2.2 + } + respond @matcher14 "client_ip merged" } ---------- { @@ -279,6 +291,42 @@ "handler": "static_response" } ] + }, + { + "match": [ + { + "remote_ip": { + "ranges": [ + "1.1.1.1", + "2.2.2.2" + ] + } + } + ], + "handle": [ + { + "body": "remote_ip merged", + "handler": "static_response" + } + ] + }, + { + "match": [ + { + "client_ip": { + "ranges": [ + "1.1.1.1", + "2.2.2.2" + ] + } + } + ], + "handle": [ + { + "body": "client_ip merged", + "handler": "static_response" + } + ] } ] } diff --git a/modules/caddyhttp/ip_matchers.go b/modules/caddyhttp/ip_matchers.go index 00d17487c..baa7c51ce 100644 --- a/modules/caddyhttp/ip_matchers.go +++ b/modules/caddyhttp/ip_matchers.go @@ -72,19 +72,21 @@ func (MatchRemoteIP) CaddyModule() caddy.ModuleInfo { // UnmarshalCaddyfile implements caddyfile.Unmarshaler. func (m *MatchRemoteIP) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { - d.Next() // consume matcher name - for d.NextArg() { - if d.Val() == "forwarded" { - return d.Err("the 'forwarded' option is no longer supported; use the 'client_ip' matcher instead") + // iterate to merge multiple matchers into one + for d.Next() { + for d.NextArg() { + if d.Val() == "forwarded" { + return d.Err("the 'forwarded' option is no longer supported; use the 'client_ip' matcher instead") + } + if d.Val() == "private_ranges" { + m.Ranges = append(m.Ranges, PrivateRangesCIDR()...) + continue + } + m.Ranges = append(m.Ranges, d.Val()) } - if d.Val() == "private_ranges" { - m.Ranges = append(m.Ranges, PrivateRangesCIDR()...) - continue + if d.NextBlock(0) { + return d.Err("malformed remote_ip matcher: blocks are not supported") } - m.Ranges = append(m.Ranges, d.Val()) - } - if d.NextBlock(0) { - return d.Err("malformed remote_ip matcher: blocks are not supported") } return nil } @@ -164,16 +166,18 @@ func (MatchClientIP) CaddyModule() caddy.ModuleInfo { // UnmarshalCaddyfile implements caddyfile.Unmarshaler. func (m *MatchClientIP) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { - d.Next() // consume matcher name - for d.NextArg() { - if d.Val() == "private_ranges" { - m.Ranges = append(m.Ranges, PrivateRangesCIDR()...) - continue + // iterate to merge multiple matchers into one + for d.Next() { + for d.NextArg() { + if d.Val() == "private_ranges" { + m.Ranges = append(m.Ranges, PrivateRangesCIDR()...) + continue + } + m.Ranges = append(m.Ranges, d.Val()) + } + if d.NextBlock(0) { + return d.Err("malformed client_ip matcher: blocks are not supported") } - m.Ranges = append(m.Ranges, d.Val()) - } - if d.NextBlock(0) { - return d.Err("malformed client_ip matcher: blocks are not supported") } return nil } |