[Koha-bugs] [Bug 24739] Buster ships with Net::Netmask 1.9104 which supports IPv6

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Fri Feb 28 00:45:45 CET 2020 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24739

--- Comment #5 from David Cook <dcook at prosentient.com.au> ---
(In reply to Martin Renvoize from comment #2)
> I think my patch is wrong.. What I'm not sure about is whether the Koha side
> would handle IPv6 addresses correctly yet and as such whether the failure is
> flagging more work Koha side rather than a need to skip the test.

It seems to me that Koha could handle an IPv6 address in REMOTE_ADDR, so it
would be more optimal to test for IPv6 success with Net::Netmask I think.

But your patch works overall. 

Works on koha/koha-testing:master-buster:
1..14
ok 1 - use Koha::Middleware::RealIP;
ok 2 - There is no X-Forwarded-For header, so just use the remote address
ok 3 - Don't trust 1.1.1.1 as a proxy, so use it as the remote address
ok 4 - Trust proxy (1.1.1.1), so use the X-Forwarded-For header for the remote
address
ok 5 - Trust multiple proxies (1.1.1.1 and 3.3.3.3), so use the X-Forwaded-For
<client> portion for the remote address
ok 6 - Warn on misconfigured koha_trusted_proxies
ok 7 - koha_trusted_proxies is misconfigured so ignore the X-Forwarded-For
header
ok 8 - Warn on partially misconfigured koha_trusted_proxies
ok 9 - koha_trusted_proxies contains an invalid value but still includes one
correct value, which is relevant, so use X-Forwarded-For header
ok 10 - Trust proxy (1.1.1.1) using CIDR notation, so use the X-Forwarded-For
header for the remote address
ok 11 - Trust proxy (1.1.1.1) using abbreviated notation, so use the
X-Forwarded-For header for the remote address
ok 12 - Trust proxy (1.1.1.1) using an IP address and netmask separated by a
colon, so use the X-Forwarded-For header for the remote address
ok 13 # skip Net::Netmask at 1.9104+ supports IPv6
ok 14 # skip Net::Netmask at 1.9104+ supports IPv6

Works on koha/koha-testing:master
1..14
ok 1 - use Koha::Middleware::RealIP;
ok 2 - There is no X-Forwarded-For header, so just use the remote address
ok 3 - Don't trust 1.1.1.1 as a proxy, so use it as the remote address
ok 4 - Trust proxy (1.1.1.1), so use the X-Forwarded-For header for the remote
address
ok 5 - Trust multiple proxies (1.1.1.1 and 3.3.3.3), so use the X-Forwaded-For
<client> portion for the remote address
ok 6 - Warn on misconfigured koha_trusted_proxies
ok 7 - koha_trusted_proxies is misconfigured so ignore the X-Forwarded-For
header
ok 8 - Warn on partially misconfigured koha_trusted_proxies
ok 9 - koha_trusted_proxies contains an invalid value but still includes one
correct value, which is relevant, so use X-Forwarded-For header
ok 10 - Trust proxy (1.1.1.1) using CIDR notation, so use the X-Forwarded-For
header for the remote address
ok 11 - Trust proxy (1.1.1.1) using abbreviated notation, so use the
X-Forwarded-For header for the remote address
ok 12 - Trust proxy (1.1.1.1) using an IP address and netmask separated by a
colon, so use the X-Forwarded-For header for the remote address
ok 13 - Warn on IPv6 koha_trusted_proxies
ok 14 - IPv6 support was added in 1.9104 version of Net::Netmask

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list