diff options
author | Aldo Cortesi <aldo@corte.si> | 2018-05-06 11:27:14 +1200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-06 11:27:14 +1200 |
commit | c53bc39c9547685d4227d9b4ad48a22d6d11dbff (patch) | |
tree | 8426096ff1876e3ebcab3f4165d8fffe4391c0e4 | |
parent | b4f618e801ba0dcf5c59b5c3781eb5b2724133e0 (diff) | |
parent | 54e2daa21e2c56c7c1469ce4239f9a4ff7815bc4 (diff) | |
download | mitmproxy-c53bc39c9547685d4227d9b4ad48a22d6d11dbff.tar.gz mitmproxy-c53bc39c9547685d4227d9b4ad48a22d6d11dbff.tar.bz2 mitmproxy-c53bc39c9547685d4227d9b4ad48a22d6d11dbff.zip |
Merge pull request #3099 from Kriechi/fix-3024
fix #3024
-rw-r--r-- | mitmproxy/addons/allowremote.py | 6 | ||||
-rw-r--r-- | test/mitmproxy/addons/test_allowremote.py | 48 |
2 files changed, 39 insertions, 15 deletions
diff --git a/mitmproxy/addons/allowremote.py b/mitmproxy/addons/allowremote.py index f1d3d8fb..ad4c4940 100644 --- a/mitmproxy/addons/allowremote.py +++ b/mitmproxy/addons/allowremote.py @@ -14,11 +14,13 @@ class AllowRemote: ) def clientconnect(self, layer): - address = layer.client_conn.address + address = ipaddress.ip_address(layer.client_conn.address[0]) + if isinstance(address, ipaddress.IPv6Address): + address = address.ipv4_mapped or address accept_connection = ( ctx.options.allow_remote or - ipaddress.ip_address(address[0]).is_private or + ipaddress.ip_address(address).is_private or ctx.options.proxyauth is not None ) diff --git a/test/mitmproxy/addons/test_allowremote.py b/test/mitmproxy/addons/test_allowremote.py index 0bdc5495..c8e3eb9e 100644 --- a/test/mitmproxy/addons/test_allowremote.py +++ b/test/mitmproxy/addons/test_allowremote.py @@ -5,27 +5,49 @@ from mitmproxy.addons import allowremote, proxyauth from mitmproxy.test import taddons -@pytest.mark.parametrize("allow_remote, ip, should_be_killed", [ - (True, "192.168.1.3", False), - (True, "122.176.243.101", False), - (False, "192.168.1.3", False), - (False, "122.176.243.101", True), - (True, "::ffff:1:2", False), - (True, "fe80::", False), - (True, "2001:4860:4860::8888", False), - (False, "::ffff:1:2", False), - (False, "fe80::", False), - (False, "2001:4860:4860::8888", True), +@pytest.mark.parametrize("allow_remote, should_be_killed, address", [ + (True, False, ("10.0.0.1",)), + (True, False, ("172.20.0.1",)), + (True, False, ("192.168.1.1",)), + (True, False, ("1.1.1.1",)), + (True, False, ("8.8.8.8",)), + (True, False, ("216.58.207.174",)), + (True, False, ("::ffff:1.1.1.1",)), + (True, False, ("::ffff:8.8.8.8",)), + (True, False, ("::ffff:216.58.207.174",)), + (True, False, ("::ffff:10.0.0.1",)), + (True, False, ("::ffff:172.20.0.1",)), + (True, False, ("::ffff:192.168.1.1",)), + (True, False, ("fe80::",)), + (True, False, ("2001:4860:4860::8888",)), + (False, False, ("10.0.0.1",)), + (False, False, ("172.20.0.1",)), + (False, False, ("192.168.1.1",)), + (False, True, ("1.1.1.1",)), + (False, True, ("8.8.8.8",)), + (False, True, ("216.58.207.174",)), + (False, True, ("::ffff:1.1.1.1",)), + (False, True, ("::ffff:8.8.8.8",)), + (False, True, ("::ffff:216.58.207.174",)), + (False, False, ("::ffff:10.0.0.1",)), + (False, False, ("::ffff:172.20.0.1",)), + (False, False, ("::ffff:192.168.1.1",)), + (False, False, ("fe80::",)), + (False, True, ("2001:4860:4860::8888",)), ]) @pytest.mark.asyncio -async def test_allowremote(allow_remote, ip, should_be_killed): +async def test_allowremote(allow_remote, should_be_killed, address): + if allow_remote: + # prevent faulty tests + assert not should_be_killed + ar = allowremote.AllowRemote() up = proxyauth.ProxyAuth() with taddons.context(ar, up) as tctx: tctx.options.allow_remote = allow_remote with mock.patch('mitmproxy.proxy.protocol.base.Layer') as layer: - layer.client_conn.address = (ip, 12345) + layer.client_conn.address = address ar.clientconnect(layer) if should_be_killed: |