From a30a849b78fa4fe8552141b7b2802d1af1b18c09 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 13 Oct 2019 10:36:33 +0200
Subject: Adding upstream version 1.18.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 web/server/web_server.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

(limited to 'web/server/web_server.c')

diff --git a/web/server/web_server.c b/web/server/web_server.c
index 9e51c81fe..b8b84bc36 100644
--- a/web/server/web_server.c
+++ b/web/server/web_server.c
@@ -86,22 +86,34 @@ SIMPLE_PATTERN *web_allow_netdataconf_from = NULL;
 void web_client_update_acl_matches(struct web_client *w) {
     w->acl = WEB_CLIENT_ACL_NONE;
 
-    if(!web_allow_dashboard_from || simple_pattern_matches(web_allow_dashboard_from, w->client_ip))
+    if (!web_allow_dashboard_from ||
+        connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                           web_allow_dashboard_from, "dashboard"))
         w->acl |= WEB_CLIENT_ACL_DASHBOARD;
 
-    if(!web_allow_registry_from || simple_pattern_matches(web_allow_registry_from, w->client_ip))
+    if (!web_allow_registry_from ||
+        connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                           web_allow_registry_from, "registry"))
         w->acl |= WEB_CLIENT_ACL_REGISTRY;
 
-    if(!web_allow_badges_from || simple_pattern_matches(web_allow_badges_from, w->client_ip))
+    if (!web_allow_badges_from ||
+        connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                           web_allow_badges_from, "badges"))
         w->acl |= WEB_CLIENT_ACL_BADGE;
 
-    if(!web_allow_mgmt_from || simple_pattern_matches(web_allow_mgmt_from, w->client_ip))
+    if (!web_allow_mgmt_from ||
+        connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                           web_allow_mgmt_from, "management"))
         w->acl |= WEB_CLIENT_ACL_MGMT;
 
-    if(!web_allow_streaming_from || simple_pattern_matches(web_allow_streaming_from, w->client_ip))
+    if (!web_allow_streaming_from ||
+        connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                           web_allow_streaming_from, "streaming"))
         w->acl |= WEB_CLIENT_ACL_STREAMING;
 
-    if(!web_allow_netdataconf_from || simple_pattern_matches(web_allow_netdataconf_from, w->client_ip))
+    if (!web_allow_netdataconf_from ||
+       connection_allowed(w->ifd, w->client_ip, w->client_host, sizeof(w->client_host),
+                          web_allow_netdataconf_from, "netdata.conf"))
         w->acl |= WEB_CLIENT_ACL_NETDATACONF;
 
     w->acl &= w->port_acl;
-- 
cgit v1.2.3