From 162a228e7ca2af8507d88fc99743924c898bd9f2 Mon Sep 17 00:00:00 2001
From: mohamadreza
Date: Mon, 1 Jan 2024 11:36:08 +0330
Subject: [PATCH 1/3] refactor: refactor make trust ip
---
gin.go | 17 ++++++-----------
utils/ip.go | 42 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 48 insertions(+), 11 deletions(-)
create mode 100644 utils/ip.go
diff --git a/gin.go b/gin.go
index 5a605cf1..19b24da3 100644
--- a/gin.go
+++ b/gin.go
@@ -17,6 +17,7 @@ import (
 "github.com/gin-gonic/gin/internal/bytesconv"
 "github.com/gin-gonic/gin/render"
+ "github.com/gin-gonic/gin/utils"
 "golang.org/x/net/http2"
 "golang.org/x/net/http2/h2c"
 )
@@ -387,6 +388,7 @@ func (engine *Engine) Run(addr ...string) (err error) {
 }
 func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) {
+ var err error
 if engine.trustedProxies == nil {
 return nil, nil
 }
@@ -394,17 +396,10 @@ func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) {
 cidr := make([]*net.IPNet, 0, len(engine.trustedProxies))
 for _, trustedProxy := range engine.trustedProxies {
 if !strings.Contains(trustedProxy, "/") {
- ip := parseIP(trustedProxy)
- if ip == nil {
- return cidr, &net.ParseError{Type: "IP address", Text: trustedProxy}
- }
-
- switch len(ip) {
- case net.IPv4len:
- trustedProxy += "/32"
- case net.IPv6len:
- trustedProxy += "/128"
- }
+ trustedProxy, err = utils.MakeTrustIP(trustedProxy)
+ }
+ if err != nil {
+ return cidr, err
 }
 _, cidrNet, err := net.ParseCIDR(trustedProxy)
 if err != nil {
diff --git a/utils/ip.go b/utils/ip.go
new file mode 100644
index 00000000..2301ff6e
--- /dev/null
+++ b/utils/ip.go
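Review bot: The import added in the `@@ -17,6 +17,7 @@` hunk takes the helper from a new top-level `utils` package, which makes `utils.MakeTrustIP` part of the module's public API even though it only normalises trusted-proxy entries for the engine. The same import block already uses `github.com/gin-gonic/gin/internal/bytesconv`, so placing the helper in a package under `internal/` would keep it private and free to change without a compatibility promise.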
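Review bot: The `if err != nil` check added in the `@@ -394,17 +396,10 @@` hunk sits outside the `strings.Contains` guard and reads the function-scope `err` declared in the previous hunk, while `_, cidrNet, err := net.ParseCIDR(trustedProxy)` just below declares a second `err` that shadows it inside the loop. Keeping the error local to the branch that can produce it removes both the shadowing and the extra declaration: `normalized, err := utils.MakeTrustIP(trustedProxy)`, `if err != nil { return cidr, err }`, `trustedProxy = normalized`. The same pattern carries into the `@@ -395,9 +395,8 @@` hunk of patch 2/3. The body of prepareTrustedCIDRs continues outside the hunk.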
@@ -0,0 +1,42 @@
+package utils
+
+import (
+ "net"
+)
+
+func parseIP(ip string) (net.IP, error) {
+ parsedIP := net.ParseIP(ip)
+
+ if ipv4 := parsedIP.To4(); ipv4 != nil {
+ return ipv4, nil
+ }
+ if parsedIP != nil{
+ return parsedIP, nil
+ }
+ return nil, &net.ParseError{Type: "IP address", Text: ip}
+}
+
+func MakeTrustIP(trustedIP string) (string, error) {
+ ip, err := parseIP(trustedIP)
+
+ if err != nil {
+ return "", err
+ }
+
+ var mapRenderIP = map [int]func(trustIP string) string{
+ net.IPv4len: func(trustIP string) string{
+ return trustIP + "/32"
+ },
+ net.IPv6len: func(trustIP string) string{
+ return trustIP + "/32"
+ },
+ }
+
+ fn, isExistKey := mapRenderIP[len(ip)]
+
+ if isExistKey != true{
+ return "", &net.ParseError{Type: "IP address", Text: trustedIP}
+ }
+
+ return fn(trustedIP), nil
+}
\ No newline at end of file
From 0dd4fe5b48b31fd36607f1c5957d29dd45ce5bc7 Mon Sep 17 00:00:00 2001
From: mohamadreza
Date: Mon, 1 Jan 2024 15:04:25 +0330
Subject: [PATCH 2/3] refactor: refactor make trust ip
---
gin.go | 5 ++---
utils/ip.go | 4 ++++
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/gin.go b/gin.go
index 19b24da3..5cf19621 100644
--- a/gin.go
+++ b/gin.go
@@ -395,9 +395,8 @@ func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) {
 cidr := make([]*net.IPNet, 0, len(engine.trustedProxies))
 for _, trustedProxy := range engine.trustedProxies {
- if !strings.Contains(trustedProxy, "/") {
- trustedProxy, err = utils.MakeTrustIP(trustedProxy)
- }
+ trustedProxy, err = utils.MakeTrustIP(trustedProxy)
+
 if err != nil {
 return cidr, err
 }
diff --git a/utils/ip.go b/utils/ip.go
index 2301ff6e..9f4d54b9 100644
--- a/utils/ip.go
+++ b/utils/ip.go
@@ -2,6 +2,7 @@ package utils
 import (
 "net"
+ "strings"
 )
 func parseIP(ip string) (net.IP, error) {
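Review bot: The `net.IPv6len` entry of `mapRenderIP` in the new utils/ip.go returns `trustIP + "/32"`, whereas the gin.go code this series replaces appended `"/128"` for IPv6, so a single trusted IPv6 proxy address now expands to a /32 prefix. `net.ParseCIDR` accepts that string, which presumably means any peer inside the prefix is treated as a trusted proxy and its forwarded client-IP headers are honoured; the line should read `return trustIP + "/128"`. Patches 2/3 and 3/3 leave this line unchanged. A table-driven test with one IPv4 and one IPv6 address would pin both suffixes, and the exported `MakeTrustIP` needs a doc comment stating that it returns a CIDR string.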
@@ -17,6 +18,9 @@ func parseIP(ip string) (net.IP, error) {
 }
 func MakeTrustIP(trustedIP string) (string, error) {
+ if strings.Contains(trustedIP, "/") {
+ return trustedIP, nil
+ }
 ip, err := parseIP(trustedIP)
 if err != nil {
From 11763f132db6e5b491ac4ad4fa1a8fa6fcd27edc Mon Sep 17 00:00:00 2001
From: mohamadreza
Date: Mon, 1 Jan 2024 15:16:06 +0330
Subject: [PATCH 3/3] chore: discard unnesary function parseIp
---
gin.go | 14 --------------
1 file changed, 14 deletions(-)
diff --git a/gin.go b/gin.go
index 5cf19621..b5e15318 100644
--- a/gin.go
+++ b/gin.go
@@ -469,20 +469,6 @@ func (engine *Engine) validateHeader(header string) (clientIP string, valid bool
 return "", false
 }
-// parseIP parse a string representation of an IP and returns a net.IP with the
-// minimum byte representation or nil if input is invalid.
-func parseIP(ip string) net.IP {
- parsedIP := net.ParseIP(ip)
-
- if ipv4 := parsedIP.To4(); ipv4 != nil {
- // return ip in a 4-byte representation
- return ipv4
- }
-
- // return ip in a 16-byte representation or nil
- return parsedIP
-}
-
 // RunTLS attaches the router to a http.Server and starts listening and serving HTTPS (secure) requests.
 // It is a shortcut for http.ListenAndServeTLS(addr, certFile, keyFile, router)
 // Note: this method will block the calling goroutine indefinitely unless an error happens.
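Review bot: The early return added at the top of `MakeTrustIP` in the `@@ -17,6 +18,9 @@` hunk hands back any string containing `/` with a nil error, so the exported helper reports success for input it has not parsed. `prepareTrustedCIDRs` still runs `net.ParseCIDR` on the result, but another caller could take the nil error as validation of a trusted-proxy entry; parsing here keeps the contract honest: `if _, _, err := net.ParseCIDR(trustedIP); err != nil { return "", err }` before `return trustedIP, nil`. The rest of the function body lies outside this hunk.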