add trusted proxies

2022-11-27 00:30:50 +02:00
parent 8d6c4aeafe
commit fcd6110790
11 changed files with 95 additions and 37 deletions
--- a/bot/access.go
+++ b/bot/access.go
@@ -109,8 +109,25 @@ func (b *Bot) IsBanned(addr net.Addr) bool {
 	return b.cfg.GetBanlist().Has(addr)
 }

+// IsTrusted checks if address is a trusted (proxy)
+func (b *Bot) IsTrusted(addr net.Addr) bool {
+	ip := utils.AddrIP(addr)
+	for _, proxy := range b.proxies {
+		if ip == proxy {
+			b.log.Debug("address %s is trusted", ip)
+			return true
+		}
+	}
+
+	b.log.Debug("address %s is NOT trusted", ip)
+	return false
+}
+
 // Ban an address
 func (b *Bot) Ban(addr net.Addr) {
+	if b.IsTrusted(addr) {
+		return
+	}
 	b.log.Debug("attempting to ban %s", addr.String())
 	banlist := b.cfg.GetBanlist()
 	banlist.Add(addr)
--- a/bot/bot.go
+++ b/bot/bot.go
@@ -34,6 +34,7 @@ type Bot struct {
 	adminRooms              []id.RoomID
 	commands                commandList
 	rooms                   sync.Map
+	proxies                 []string
 	sendmail                func(string, string, string) error
 	cfg                     *config.Manager
 	log                     *logger.Logger
@@ -49,6 +50,7 @@ func New(
 	lp *linkpearl.Linkpearl,
 	log *logger.Logger,
 	cfg *config.Manager,
+	proxies []string,
 	prefix string,
 	domains []string,
 	admins []string,
@@ -59,6 +61,7 @@ func New(
 		prefix:     prefix,
 		rooms:      sync.Map{},
 		adminRooms: []id.RoomID{},
+		proxies:    proxies,
 		mbxc:       mbxc,
 		cfg:        cfg,
 		log:        log,
--- a/bot/config/lists.go
+++ b/bot/config/lists.go
@@ -4,6 +4,8 @@ import (
 	"net"
 	"sort"
 	"time"
+
+	"gitlab.com/etke.cc/postmoogle/utils"
 )

 // account data keys
@@ -26,24 +28,15 @@ func (l List) Slice() []string {
 	return slice
 }

-func (l List) getKey(addr net.Addr) string {
-	key := addr.String()
-	host, _, _ := net.SplitHostPort(key) //nolint:errcheck // either way it's ok
-	if host != "" {
-		key = host
-	}
-	return key
-}
-
 // Has addr in ban- or greylist
 func (l List) Has(addr net.Addr) bool {
-	_, ok := l[l.getKey(addr)]
+	_, ok := l[utils.AddrIP(addr)]
 	return ok
 }

 // Get when addr was added in ban- or greylist
 func (l List) Get(addr net.Addr) (time.Time, bool) {
-	from := l[l.getKey(addr)]
+	from := l[utils.AddrIP(addr)]
 	if from == "" {
 		return time.Time{}, false
 	}
@@ -57,7 +50,7 @@ func (l List) Get(addr net.Addr) (time.Time, bool) {

 // Add an addr to ban- or greylist
 func (l List) Add(addr net.Addr) {
-	key := l.getKey(addr)
+	key := utils.AddrIP(addr)
 	if _, ok := l[key]; ok {
 		return
 	}
@@ -67,7 +60,7 @@ func (l List) Add(addr net.Addr) {

 // Remove an addr from ban- or greylist
 func (l List) Remove(addr net.Addr) {
-	key := l.getKey(addr)
+	key := utils.AddrIP(addr)
 	if _, ok := l[key]; !ok {
 		return
 	}