Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: IPv6 ranges not recognized for options masterKeyIPs, maintenanceKeyIPs #8501

Closed
wants to merge 48 commits into from
Closed
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
9ef1968
ci: fix node engine check (#7891)
mtrezza Mar 25, 2022
f63fb2b
fix: return correct response when revert is used in beforeSave (#7839)
dblythy Mar 26, 2022
b3199d7
chore(release): 5.2.1-alpha.1 [skip ci]
semantic-release-bot Mar 26, 2022
48bd512
perf: reduce database operations when using the constant parameter in…
dblythy Mar 26, 2022
e0cca58
chore(release): 5.2.1-alpha.2 [skip ci]
semantic-release-bot Mar 26, 2022
90155cf
feat: add MongoDB 5.1 compatibility (#7682)
github-actions[bot] Mar 27, 2022
499cead
chore(release): 5.3.0-alpha.1 [skip ci]
semantic-release-bot Mar 27, 2022
ef56e98
fix: security upgrade parse push adapter from 4.1.0 to 4.1.2 (#7893)
mtrezza Mar 27, 2022
119dbe0
chore(release): 5.3.0-alpha.2 [skip ci]
semantic-release-bot Mar 27, 2022
6b4b358
feat: add MongoDB 5.2 support (#7894)
mtrezza Mar 27, 2022
75eca2d
chore(release): 5.3.0-alpha.3 [skip ci]
semantic-release-bot Mar 27, 2022
61ef23f
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy May 3, 2022
606ed96
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy May 5, 2022
1e89817
Merge branch 'alpha' of https://github.com/dblythy/parse-server into …
dblythy Jun 7, 2022
9720e8e
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Jun 7, 2022
7bc5c36
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Jun 17, 2022
7b2ab38
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Jun 18, 2022
3c8f5cc
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Sep 18, 2022
5814437
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Sep 29, 2022
986c6c2
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Nov 3, 2022
6a40dc4
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Nov 10, 2022
a9fb355
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Dec 20, 2022
132ccaf
fix: improved masterKeyIPs
dblythy Apr 10, 2023
0df02bf
Update middlewares.js
dblythy Apr 10, 2023
4b74cf4
Update middlewares.js
dblythy Apr 10, 2023
3705640
Update middlewares.js
dblythy Apr 11, 2023
8c21d1e
wip
dblythy Apr 11, 2023
113aa96
fix version
dblythy Apr 11, 2023
e640f4f
Merge branch 'alpha' into masterKeysIPS
mtrezza Apr 11, 2023
de35146
Update middlewares.js
dblythy Apr 11, 2023
de8b8ea
Merge remote-tracking branch 'upstream/alpha' into alpha
dblythy Apr 12, 2023
bc01d3e
Merge branch 'alpha' into masterKeysIPS
dblythy Apr 12, 2023
543a849
convert to ipv6
dblythy Apr 12, 2023
5400928
Update middlewares.js
dblythy Apr 12, 2023
d52d389
refactor to blocklist
dblythy Apr 12, 2023
bd40ed5
Update Middlewares.spec.js
dblythy Apr 12, 2023
c2fdbd7
Update middlewares.js
dblythy Apr 12, 2023
6602acf
Update middlewares.js
dblythy May 16, 2023
8b3f51f
Merge branch 'alpha' into masterKeysIPS
mtrezza May 17, 2023
ee863d7
Merge branch 'alpha' into masterKeysIPS
dblythy Jun 19, 2023
ec01674
lint
dblythy Jun 20, 2023
becf01c
Update Middlewares.spec.js
dblythy Jun 20, 2023
8f4fa5d
Update Middlewares.spec.js
dblythy Jun 20, 2023
e81cad0
Merge branch 'alpha' into masterKeysIPS
mtrezza Jun 20, 2023
d5c7ae9
add tests
dblythy Jun 27, 2023
a5230fa
Merge branch 'alpha' into masterKeysIPS
dblythy Jun 27, 2023
cb7ec31
Merge branch 'alpha' into masterKeysIPS
mtrezza Jun 30, 2023
8ca0279
Merge branch 'alpha' into masterKeysIPS
mtrezza Oct 7, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
add tests
  • Loading branch information
dblythy committed Jun 27, 2023
commit d5c7ae944aae11f9be32f520600f9d083988981d
35 changes: 35 additions & 0 deletions spec/Middlewares.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,41 @@ describe('middlewares', () => {
);
});

it('should match address', () => {
const ipv6 = '2001:0db8:85a3:0000:0000:8a2e:0370:7334';
const anotherIpv6 = '::ffff:101.10.0.1';
const ipv4 = '192.168.0.101';
const localhostV6 = '::1';
const localhostV62 = '::ffff:127.0.0.1';
const localhostV4 = '127.0.0.1';

const v6 = [ipv6, anotherIpv6];
v6.forEach(ip => {
expect(middlewares.checkIpRanges(ip, ['::/0'])).toBe(true);
expect(middlewares.checkIpRanges(ip, ['::'])).toBe(true);
expect(middlewares.checkIpRanges(ip, ['0.0.0.0'])).toBe(false);
expect(middlewares.checkIpRanges(ip, ['123.123.123.123'])).toBe(false);
});

expect(middlewares.checkIpRanges(ipv6, [anotherIpv6])).toBe(false);
expect(middlewares.checkIpRanges(ipv6, [ipv6])).toBe(true);
expect(middlewares.checkIpRanges(ipv6, ['2001:db8:85a3:0:0:8a2e:0:0/100'])).toBe(true);

expect(middlewares.checkIpRanges(ipv4, ['::'])).toBe(false);
expect(middlewares.checkIpRanges(ipv4, ['::/0'])).toBe(true);
expect(middlewares.checkIpRanges(ipv4, ['0.0.0.0'])).toBe(true);
expect(middlewares.checkIpRanges(ipv4, ['123.123.123.123'])).toBe(false);
expect(middlewares.checkIpRanges(ipv4, [ipv4])).toBe(true);
expect(middlewares.checkIpRanges(ipv4, ['192.168.0.0/24'])).toBe(true);

expect(middlewares.checkIpRanges(localhostV4, ['::1'])).toBe(false);
expect(middlewares.checkIpRanges(localhostV6, ['::1'])).toBe(true);
// ::ffff:127.0.0.1 is a padded ipv4 address but not ::1
expect(middlewares.checkIpRanges(localhostV62, ['::1'])).toBe(false);
// ::ffff:127.0.0.1 is a padded ipv4 address and is a match for 127.0.0.1
expect(middlewares.checkIpRanges(localhostV62, ['127.0.0.1'])).toBe(true);
});

it('can allow all with masterKeyIPs', async () => {
const combinations = [
{
Expand Down
2 changes: 1 addition & 1 deletion src/middlewares.js
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ const getMountForRequest = function (req) {
return req.protocol + '://' + req.get('host') + mountPath;
};

const checkIpRanges = (ip, ranges = []) => {
export const checkIpRanges = (ip, ranges = []) => {
const getType = address => (isIPv4(address) ? 'ipv4' : 'ipv6');
const clientType = getType(ip);
const blocklist = new BlockList();
Expand Down