summaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
authorsmos <seth.mos@dds.nl>2011-08-21 13:13:11 +0200
committersmos <seth.mos@dds.nl>2011-08-21 13:13:11 +0200
commite6f7e0be56b8b2ea643cefb477a6ffe15380cdbb (patch)
tree49a91fade60eac6c6535af150cf3caf444952347 /etc/inc
parent4cf79fdd9b71f2b597a799aef6721511d1baa4de (diff)
downloadpfsense-e6f7e0be56b8b2ea643cefb477a6ffe15380cdbb.zip
pfsense-e6f7e0be56b8b2ea643cefb477a6ffe15380cdbb.tar.gz
Fix the referrer checks for IPv6 addresses Ticket #1583
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/auth.inc8
-rw-r--r--etc/inc/util.inc22
2 files changed, 30 insertions, 0 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 7ad5291..b551be0 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -117,6 +117,7 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui']['
}
$found_host = false;
$referrer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
+ $referrer_host = str_replace(array("[", "]"), "", $referrer_host);
if($referrer_host) {
if(strcasecmp($referrer_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0
|| strcasecmp($referrer_host, $config['system']['hostname']) == 0)
@@ -138,6 +139,13 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui']['
break;
}
}
+ $interface_list_ipv6s = get_configured_ipv6_addresses();
+ foreach($interface_list_ipv6s as $ilipv6s) {
+ if(strcasecmp($referrer_host, $ilipv6s) == 0) {
+ $found_host = true;
+ break;
+ }
+ }
if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") {
// allow SSH port forwarded connections and links from localhost
$found_host = true;
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index fee252c..23a7cda 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -744,6 +744,28 @@ function get_configured_ip_addresses() {
}
/*
+ * get_configured_ipv6_addresses() - Return a list of all configured
+ * interfaces IPv6 Addresses
+ *
+ */
+function get_configured_ipv6_addresses() {
+ require_once("interfaces.inc");
+ $ipv6_array = array();
+ $interfaces = get_configured_interface_list();
+ if(is_array($interfaces)) {
+ foreach($interfaces as $int) {
+ $ipaddrv6 = get_interface_ipv6($int);
+ $ipv6_array[$int] = $ipaddrv6;
+ }
+ }
+ $interfaces = get_configured_carp_interface_list();
+ if(is_array($interfaces))
+ foreach($interfaces as $int => $ipaddrv6)
+ $ipv6_array[$int] = $ipaddrv6;
+ return $ipv6_array;
+}
+
+/*
* get_interface_list() - Return a list of all physical interfaces
* along with MAC and status.
*
OpenPOWER on IntegriCloud