https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24739 --- Comment #5 from David Cook <dcook@prosentient.com.au> --- (In reply to Martin Renvoize from comment #2)
I think my patch is wrong.. What I'm not sure about is whether the Koha side would handle IPv6 addresses correctly yet and as such whether the failure is flagging more work Koha side rather than a need to skip the test.
It seems to me that Koha could handle an IPv6 address in REMOTE_ADDR, so it would be more optimal to test for IPv6 success with Net::Netmask I think. But your patch works overall. Works on koha/koha-testing:master-buster: 1..14 ok 1 - use Koha::Middleware::RealIP; ok 2 - There is no X-Forwarded-For header, so just use the remote address ok 3 - Don't trust 1.1.1.1 as a proxy, so use it as the remote address ok 4 - Trust proxy (1.1.1.1), so use the X-Forwarded-For header for the remote address ok 5 - Trust multiple proxies (1.1.1.1 and 3.3.3.3), so use the X-Forwaded-For <client> portion for the remote address ok 6 - Warn on misconfigured koha_trusted_proxies ok 7 - koha_trusted_proxies is misconfigured so ignore the X-Forwarded-For header ok 8 - Warn on partially misconfigured koha_trusted_proxies ok 9 - koha_trusted_proxies contains an invalid value but still includes one correct value, which is relevant, so use X-Forwarded-For header ok 10 - Trust proxy (1.1.1.1) using CIDR notation, so use the X-Forwarded-For header for the remote address ok 11 - Trust proxy (1.1.1.1) using abbreviated notation, so use the X-Forwarded-For header for the remote address ok 12 - Trust proxy (1.1.1.1) using an IP address and netmask separated by a colon, so use the X-Forwarded-For header for the remote address ok 13 # skip Net::Netmask at 1.9104+ supports IPv6 ok 14 # skip Net::Netmask at 1.9104+ supports IPv6 Works on koha/koha-testing:master 1..14 ok 1 - use Koha::Middleware::RealIP; ok 2 - There is no X-Forwarded-For header, so just use the remote address ok 3 - Don't trust 1.1.1.1 as a proxy, so use it as the remote address ok 4 - Trust proxy (1.1.1.1), so use the X-Forwarded-For header for the remote address ok 5 - Trust multiple proxies (1.1.1.1 and 3.3.3.3), so use the X-Forwaded-For <client> portion for the remote address ok 6 - Warn on misconfigured koha_trusted_proxies ok 7 - koha_trusted_proxies is misconfigured so ignore the X-Forwarded-For header ok 8 - Warn on partially misconfigured koha_trusted_proxies ok 9 - koha_trusted_proxies contains an invalid value but still includes one correct value, which is relevant, so use X-Forwarded-For header ok 10 - Trust proxy (1.1.1.1) using CIDR notation, so use the X-Forwarded-For header for the remote address ok 11 - Trust proxy (1.1.1.1) using abbreviated notation, so use the X-Forwarded-For header for the remote address ok 12 - Trust proxy (1.1.1.1) using an IP address and netmask separated by a colon, so use the X-Forwarded-For header for the remote address ok 13 - Warn on IPv6 koha_trusted_proxies ok 14 - IPv6 support was added in 1.9104 version of Net::Netmask -- You are receiving this mail because: You are watching all bug changes.