Merge branch 'sshd-forwarded-for' into 'main'

Pass original IP from PROXY requests to internal API calls See merge request gitlab-org/gitlab-shell!665
author: Igor Drozdov <idrozdov@gitlab.com> 2022-07-01 11:02:59 +0000
committer: Igor Drozdov <idrozdov@gitlab.com> 2022-07-01 11:02:59 +0000
commit: 0d7ef238cb8c05eabaec85e62bec70a40147d1df (patch)
tree: 9179705f9e8b6ee309d456323fbaedaa70141c7e /internal/gitlabnet/client.go
parent: 01f4e022c04b29b896eb383e6e6a33f96a6beeb1 (diff)
parent: 9b60ce49460876d0e599f2fec65f02856930dbcd (diff)
download: gitlab-shell-0d7ef238cb8c05eabaec85e62bec70a40147d1df.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/internal/gitlabnet/client.go b/internal/gitlabnet/client.go
index 39c3320..9bcf6db 100644
--- a/internal/gitlabnet/client.go
+++ b/internal/gitlabnet/client.go
@@ -3,6 +3,7 @@ package gitlabnet
 import (
 	"encoding/json"
 	"fmt"
+	"net"
 	"net/http"
 
 	"gitlab.com/gitlab-org/gitlab-shell/client"
@@ -34,3 +35,18 @@ func ParseJSON(hr *http.Response, response interface{}) error {
 
 	return nil
 }
+
+func ParseIP(remoteAddr string) string {
+	// The remoteAddr field can be filled by:
+	// 1. An IP address via the SSH_CONNECTION environment variable
+	// 2. A host:port combination via the PROXY protocol
+	ip, _, err := net.SplitHostPort(remoteAddr)
+
+	// If we don't have a port or can't parse this address for some reason,
+	// just return the original string.
+	if err != nil {
+		return remoteAddr
+	}
+
+	return ip
+}
author	Igor Drozdov <idrozdov@gitlab.com>	2022-07-01 11:02:59 +0000
committer	Igor Drozdov <idrozdov@gitlab.com>	2022-07-01 11:02:59 +0000
commit	0d7ef238cb8c05eabaec85e62bec70a40147d1df (patch)
tree	9179705f9e8b6ee309d456323fbaedaa70141c7e /internal/gitlabnet/client.go
parent	01f4e022c04b29b896eb383e6e6a33f96a6beeb1 (diff)
parent	9b60ce49460876d0e599f2fec65f02856930dbcd (diff)
download	gitlab-shell-0d7ef238cb8c05eabaec85e62bec70a40147d1df.tar.gz