diff options
| author | smos <seth.mos@dds.nl> | 2011-08-21 13:13:11 +0200 |
|---|---|---|
| committer | smos <seth.mos@dds.nl> | 2011-08-21 13:13:11 +0200 |
| commit | e6f7e0be56b8b2ea643cefb477a6ffe15380cdbb (patch) | |
| tree | 49a91fade60eac6c6535af150cf3caf444952347 | |
| parent | 4cf79fdd9b71f2b597a799aef6721511d1baa4de (diff) | |
| download | pfsense-e6f7e0be56b8b2ea643cefb477a6ffe15380cdbb.zip pfsense-e6f7e0be56b8b2ea643cefb477a6ffe15380cdbb.tar.gz | |
Fix the referrer checks for IPv6 addresses Ticket #1583
| -rw-r--r-- | etc/inc/auth.inc | 8 | ||||
| -rw-r--r-- | etc/inc/util.inc | 22 |
2 files changed, 30 insertions, 0 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 7ad5291..b551be0 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -117,6 +117,7 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui'][' } $found_host = false; $referrer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST); + $referrer_host = str_replace(array("[", "]"), "", $referrer_host); if($referrer_host) { if(strcasecmp($referrer_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0 || strcasecmp($referrer_host, $config['system']['hostname']) == 0) @@ -138,6 +139,13 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui'][' break; } } + $interface_list_ipv6s = get_configured_ipv6_addresses(); + foreach($interface_list_ipv6s as $ilipv6s) { + if(strcasecmp($referrer_host, $ilipv6s) == 0) { + $found_host = true; + break; + } + } if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") { // allow SSH port forwarded connections and links from localhost $found_host = true; diff --git a/etc/inc/util.inc b/etc/inc/util.inc index fee252c..23a7cda 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -744,6 +744,28 @@ function get_configured_ip_addresses() { } /* + * get_configured_ipv6_addresses() - Return a list of all configured + * interfaces IPv6 Addresses + * + */ +function get_configured_ipv6_addresses() { + require_once("interfaces.inc"); + $ipv6_array = array(); + $interfaces = get_configured_interface_list(); + if(is_array($interfaces)) { + foreach($interfaces as $int) { + $ipaddrv6 = get_interface_ipv6($int); + $ipv6_array[$int] = $ipaddrv6; + } + } + $interfaces = get_configured_carp_interface_list(); + if(is_array($interfaces)) + foreach($interfaces as $int => $ipaddrv6) + $ipv6_array[$int] = $ipaddrv6; + return $ipv6_array; +} + +/* * get_interface_list() - Return a list of all physical interfaces * along with MAC and status. * |
