From 920fc1aeb68b5288f667368440af592b4ceb540c Mon Sep 17 00:00:00 2001 From: William Petit Date: Wed, 22 May 2024 15:13:39 +0200 Subject: [PATCH] fix(authn-network): handles r.RemoteAddr without port --- .../director/layer/authn/network/authenticator.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/internal/proxy/director/layer/authn/network/authenticator.go b/internal/proxy/director/layer/authn/network/authenticator.go index f32cd7c..1dd8351 100644 --- a/internal/proxy/director/layer/authn/network/authenticator.go +++ b/internal/proxy/director/layer/authn/network/authenticator.go @@ -4,6 +4,7 @@ import ( "context" "net" "net/http" + "strings" "forge.cadoles.com/cadoles/bouncer/internal/proxy/director/layer/authn" "forge.cadoles.com/cadoles/bouncer/internal/store" @@ -49,9 +50,13 @@ func (a *Authenticator) Authenticate(w http.ResponseWriter, r *http.Request, lay } func (a *Authenticator) matchAnyAuthorizedCIDRs(ctx context.Context, remoteHostPort string, CIDRs []string) (bool, error) { - remoteHost, _, err := net.SplitHostPort(remoteHostPort) - if err != nil { - return false, errors.WithStack(err) + var remoteHost string + if strings.Contains(remoteHostPort, ":") { + var err error + remoteHost, _, err = net.SplitHostPort(remoteHostPort) + if err != nil { + return false, errors.WithStack(err) + } } remoteAddr := net.ParseIP(remoteHost)