Strip scopes from remote IPs #1413

perfsonar · Mar 12, 2024 · 6c8d717 · 6c8d717
1 parent ae65a54
commit 6c8d717
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 6 deletions.
diff --git a/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/access.py b/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/access.py
@@ -5,6 +5,7 @@
 import pscheduler
 
 from .args import *
+from .util import *
 
 from flask import request
 
@@ -15,7 +16,7 @@ def access_write_task(original_requester, key=None):
     Determine whether a requester can write to a task or its runs.
     """
 
-    requester = request.remote_addr
+    requester = remote_address()
 
     # Local interfaces are always okay.
     if requester in local_ips:

diff --git a/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/admin.py b/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/admin.py
@@ -68,7 +68,7 @@ def exception_handler(ex):
 def exception():
     """Throw an exception"""
     # Allow only from localhost
-    if not request.remote_addr in ['127.0.0.1', '::1']:
+    if not remote_address() in ['127.0.0.1', '::1']:
         return not_allowed()
 
     raise Exception("Forced exception.")

diff --git a/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/debug.py.raw b/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/debug.py.raw
@@ -18,7 +18,7 @@ from flask import request
 from flask import Response
 
 from .args import *
-
+from .util import *
 
 
 module = sys.modules[__name__]
@@ -46,7 +46,7 @@ def debug_state():
 def debug():
 
     # Allow only from localhost
-    if not request.remote_addr in ['127.0.0.1', '::1']:
+    if not remote_address() in ['127.0.0.1', '::1']:
         return Response("Forbidden", status=403)
 
     if request.method == 'GET':

diff --git a/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/util.py b/pscheduler-server/pscheduler-server/api-server/pschedulerapiserver/util.py
@@ -13,6 +13,22 @@
 from .response import *
 
 
+#
+# Addresses
+#
+
+def _clean_address(address):
+    """
+    Remove scope (e.g., '1234::5%eth0') from an IP address.  Does not
+    apply to IPv4s but is safe to apply.
+    """
+    return address.split(sep='%', maxsplit=1)[0]
+
+
+def remote_address():
+    """Return a cleaned version of the remote address"""
+    return _clean_address(request.remote_addr)
+
 
 #
 # Hints
@@ -38,7 +54,7 @@ def request_hints():
     try:
         requester_header = request.headers["X-pScheduler-Requester"]
     except KeyError:
-        result["requester"] = request.remote_addr
+        result["requester"] = remote_address()
         return (result, None)
 
     # See if the actual requester is allowed to substitute its own address
@@ -73,7 +89,7 @@ def request_hints():
         log.debug("Database says requester key is okay.")
 
     result["requester"] = ip
-    result["requester-proxied-by"] = request.remote_addr
+    result["requester-proxied-by"] = remote_address()
 
     log.debug("Hints: %s", result)