external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Added CloudFlare auto-loading of trusted proxy IP addresses.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2020-12-10 13:56:15 -08:00
parent 182d5fb295
commit 370d890b86
3 changed files with 59 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

30
meshcentral.js
View file

@ -1325,8 +1325,36 @@ function CreateMeshCentralServer(config, args) {
}
}
// Update proxy certificates
if (obj.supportsProxyCertificatesRequest == true) { obj.updateProxyCertificates(true); }
obj.StartEx4(); // Keep going
// Load CloudFlare trusted proxies list if needed
if ((obj.config.settings.trustedproxy != null) && (obj.config.settings.trustedproxy.toLowerCase() == 'cloudflare')) {
delete obj.args.trustedproxy;
delete obj.config.settings.trustedproxy;
obj.certificateOperations.loadTextFile('https://www.cloudflare.com/ips-v4', null, function (url, data, tag) {
if (data != null) {
if (Array.isArray(obj.args.trustedproxy) == false) { obj.args.trustedproxy = []; }
var ipranges = data.split('\n');
for (var i in ipranges) { if (ipranges[i] != '') { obj.args.trustedproxy.push(ipranges[i]); } }
obj.certificateOperations.loadTextFile('https://www.cloudflare.com/ips-v6', null, function (url, data, tag) {
if (data != null) {
var ipranges = data.split('\n');
for (var i in ipranges) { if (ipranges[i] != '') { obj.args.trustedproxy.push(ipranges[i]); } }
obj.config.settings.trustedproxy = obj.args.trustedproxy;
} else {
addServerWarning("Unable to load CloudFlare trusted proxy IPv6 address list.");
}
obj.StartEx4(); // Keep going
});
} else {
addServerWarning("Unable to load CloudFlare trusted proxy IPv4 address list.");
obj.StartEx4(); // Keep going
}
});
} else {
obj.StartEx4(); // Keep going
}
}
// Start the server with the given certificates