Reverse proxy detection in socket.io
authorDarren <darren@darrenwhitlen.com>
Fri, 19 Oct 2012 17:49:10 +0000 (18:49 +0100)
committerDarren <darren@darrenwhitlen.com>
Fri, 19 Oct 2012 17:49:10 +0000 (18:49 +0100)
server/app.js

index f3b15488e0673b6fbd279676ef173041c257edee..7668bfcc723a1ccb144685688e921fc17fff3378 100644 (file)
@@ -721,6 +721,23 @@ this.websocketListen = function (servers, handler) {
 
         io.of('/kiwi').authorization(function (handshakeData, callback) {
             var address = handshakeData.address.address;
+
+            // If a forwarded-for header is found, switch the source address
+            if (handshakeData.headers['x-forwarded-for']) {
+                // Check we're connecting from a whitelisted proxy
+                if (!kiwi.config.http_proxies
+                    || kiwi.config.http_proxies.indexOf(address) < 0)
+                {
+                    console.log('Unlisted proxy:', address);
+                    websocket.disconnect();
+                    return;
+                }
+
+                // We're sent from a whitelisted proxy, replace the hosts
+                address = handshakeData.headers['x-forwarded-for'];
+            }
+
+    
             if (typeof kiwi.connections[address] === 'undefined') {
                 kiwi.connections[address] = {count: 0, sockets: []};
             }
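Review bot: In the unlisted-proxy branch, `websocket` is not a parameter of this authorization callback (its arguments are `handshakeData` and `callback`), so unless a variable of that name exists outside the hunk, `websocket.disconnect()` will throw, and the bare `return` never answers the handshake. Rejecting through the callback, e.g. `return callback(null, false);`, would deny the connection cleanly. Separately, `x-forwarded-for` can hold a comma-separated chain whose left-most entries are supplied by the client, so using the whole header as the `kiwi.connections` key lets the per-address count be keyed on client-chosen text. Taking the entry appended by the listed proxy, `address = handshakeData.headers['x-forwarded-for'].split(',').pop().trim();`, avoids that, and the same header handling appears in the `websocketConnection` hunk. The callback body continues outside the hunk.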
@@ -736,9 +753,28 @@ this.websocketListen = function (servers, handler) {
 
 
 this.websocketConnection = function (websocket) {
-    var con;
-    kiwi.log("New connection!");
-    websocket.kiwi = {address: websocket.handshake.address.address, buffer: {list: []}};
+    var con, address;
+
+    address = websocket.handshake.address.address;
+
+    // If a forwarded-for header is found, switch the source address
+    if (websocket.handshake.headers['x-forwarded-for']) {
+        // Check we're connecting from a whitelisted proxy
+        if (!kiwi.config.http_proxies
+            || kiwi.config.http_proxies.indexOf(address) < 0)
+        {
+            console.log('Unlisted proxy:', address);
+            websocket.disconnect();
+            return;
+        }
+
+        // We're sent from a whitelisted proxy, replace the hosts
+        address = websocket.handshake.headers['x-forwarded-for'];
+    }
+
+    kiwi.log('New connection! ' + address);
+
+    websocket.kiwi = {address: address, buffer: {list: []}};
     con = kiwi.connections[websocket.kiwi.address];
 
     if (con.count >= kiwi.config.max_client_conns) {
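Review bot: The proxy check added at the top of `websocketConnection` is a line-for-line copy of the one in the authorization handler, and the two must resolve the same address because `kiwi.connections[...]` is populated there and read here as `con`; if they ever drift, `con` is undefined and `con.count` throws. Moving the logic into one helper that both handlers call removes that risk and gives a single place to parse the header. The helper below is a sketch with a proposed name, and `websocketConnection` continues outside the hunk.

```javascript
// Resolve the client address for a handshake. Returns null when a
// forwarded-for header arrives from a peer not in kiwi.config.http_proxies.
function clientAddress(handshake) {
    var peer = handshake.address.address,
        forwarded = handshake.headers['x-forwarded-for'];

    if (!forwarded) {
        return peer;
    }
    if (!kiwi.config.http_proxies || kiwi.config.http_proxies.indexOf(peer) < 0) {
        console.log('Unlisted proxy:', peer);
        return null;
    }
    return forwarded;
}

this.websocketConnection = function (websocket) {
    var con, address = clientAddress(websocket.handshake);

    if (address === null) {
        websocket.disconnect();
        return;
    }
    // … unchanged: logging, websocket.kiwi setup and connection-count check …
```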
@@ -811,7 +847,6 @@ this.IRCConnection = function (websocket, nick, host, port, ssl, password, callb
 
             websocket.sendServerLine('CAP LS');
             websocket.sendServerLine('NICK ' + nick);
-            console.log('SENDING ', 'USER kiwi_' + nick.replace(/[^0-9a-zA-Z\-_.]/, '') + ' 0 0 :' + realname);
             websocket.sendServerLine('USER kiwi_' + nick.replace(/[^0-9a-zA-Z\-_.]/, '') + ' 0 0 :' + realname);
 
             that.connected = true;