harry/keystone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

better IP validation

Browse Source
This commit is contained in:
Harry (hjbdev)
2025-03-30 15:49:55 +00:00
parent 25543b497f
commit 678581b822
2 changed files with 54 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
routes/web.php
View File

@@ -6,6 +6,7 @@ use App\Http\Controllers\EnvironmentController;
use App\Http\Controllers\OrganisationController;
use App\Http\Controllers\ServerController;
use App\Models\Server;
use App\Support\Ip;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Inertia\Inertia;
@@ -67,9 +68,16 @@ Route::post('/provision-callback', function (Request $request) {
$server = Server::find($validated['server_id']);
// Check against ipv4 and ipv6
$isValidIp = false;
if ($server->ipv4 && Ip::inNetwork($request->ip(), $server->ipv4)) {
$isValidIp = true;
}
if ($server->ipv6 && Ip::inNetwork($request->ip(), $server->ipv6)) {
$isValidIp = true;
}
if ($request->ip() !== $server->ipv4 && inet_pton($request->ip()) !== inet_pton($server->ipv6)) {
if (! $isValidIp) {
logger('someone tried to callback from an invalid IP');
logger(' server ip: ' . $server->ipv4);
logger(' server ipv6: ' . $server->ipv6);