mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-15 17:14:46 +00:00
(legacy) it feels kind of duplicate, but to avoid too much changes to how it works now let's keep the behavior approx. the same.
This commit is contained in:
Ad Schellevis
parent
1dc7387aae
commit
6c3bf3bb92
@ -148,20 +148,8 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui']['
|
||||
}
|
||||
|
||||
if(!$found_host) {
|
||||
$interface_list_ips = get_configured_ip_addresses();
|
||||
foreach($interface_list_ips as $ilips) {
|
||||
if(strcasecmp($referrer_host, $ilips) == 0) {
|
||||
$found_host = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
$interface_list_ipv6s = get_configured_ipv6_addresses();
|
||||
foreach($interface_list_ipv6s as $ilipv6s) {
|
||||
if(strcasecmp($referrer_host, $ilipv6s) == 0) {
|
||||
$found_host = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
$found_host = isAuthLocalIP($referrer_host) ;
|
||||
|
||||
if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") {
|
||||
// allow SSH port forwarded connections and links from localhost
|
||||
$found_host = true;
|
||||
@ -188,6 +176,37 @@ unset($security_passed);
|
||||
$groupindex = index_groups();
|
||||
$userindex = index_users();
|
||||
|
||||
/**
|
||||
* check if $http_host is a local configured ip address
|
||||
*/
|
||||
function isAuthLocalIP($http_host) {
|
||||
global $config;
|
||||
$local_ip = false;
|
||||
if (isset($config['interfaces'])) {
|
||||
foreach($config['interfaces'] as $if => $ifdetail) {
|
||||
if (isset($ifdetail['enable'])) {
|
||||
if (isset($ifdetail['ipaddr']) && $ifdetail['ipaddr'] == $http_host) {
|
||||
$local_ip = true;
|
||||
} elseif (isset($ifdetail['ipaddr6']) && $ifdetail['ipaddr6'] == $http_host) {
|
||||
$local_ip = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($config['virtualip'])) {
|
||||
if ($config['virtualip']['vip']) {
|
||||
foreach ($config['virtualip']['vip'] as $vip) {
|
||||
if ($vip['subnet'] == $http_host) {
|
||||
$local_ip = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $local_ip;
|
||||
}
|
||||
|
||||
function index_groups()
|
||||
{
|
||||
global $config, $groupindex;
|
||||
|
||||
@ -31,7 +31,6 @@
|
||||
*/
|
||||
|
||||
require_once("auth.inc");
|
||||
require_once("functions.inc");
|
||||
|
||||
// provided via legacy_bindings.inc
|
||||
global $priv_list;
|
||||
@ -408,27 +407,8 @@ function display_login_form()
|
||||
|
||||
// fix, local ip check was previously done using "filter_generate_optcfg_array" which basically includes alomst everything here.
|
||||
// this should do the trick as well.
|
||||
if (isset($config['interfaces'])) {
|
||||
foreach($config['interfaces'] as $if => $ifdetail) {
|
||||
if (isset($ifdetail['enable'])) {
|
||||
if (isset($ifdetail['ipaddr']) && $ifdetail['ipaddr'] == $http_host) {
|
||||
$local_ip = true;
|
||||
} elseif (isset($ifdetail['ipaddr6']) && $ifdetail['ipaddr6'] == $http_host) {
|
||||
$local_ip = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$local_ip = isAuthLocalIP($http_host);
|
||||
|
||||
if (isset($config['virtualip'])) {
|
||||
if ($config['virtualip']['vip']) {
|
||||
foreach ($config['virtualip']['vip'] as $vip) {
|
||||
if ($vip['subnet'] == $http_host) {
|
||||
$local_ip = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if (isset($config['openvpn']['openvpn-server'])) {
|
||||
foreach ($config['openvpn']['openvpn-server'] as $ovpns) {
|
||||
if (is_ipaddrv4($http_host) && !empty($ovpns['tunnel_network']) && ip_in_subnet($http_host, $ovpns['tunnel_network'])) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user