smeserver-gitweb/contribs9/smeserver-gitweb-1.1.0-checktrusted_networks.patch

diff -Nur smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook
--- smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook      2016-06-22 12:52:10.450000000 -0400
+++ smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook  2016-06-22 13:05:27.508000000 -0400
@@ -84,15 +84,22 @@
     my %properties = $repository->props;
 
     # Check if the request is from a local IP address for this host
-
-    # Get server private IP address and mask for access to the local network only
-    my @network_setting = split(/[\/ ]/, $local_network_setting );
-
-    # Check if the REMOTE_ADDR is within the range of the 'private' address for this server
-    my $remote_addr = NetAddr::IP->new( $ENV\{'REMOTE_ADDR'\} );
-    if( $remote_addr->within( new NetAddr::IP @network_setting[1], @network_setting[2] ) ) \{
-      return 1; # EXIT LOCAL HOST -> REPOSITORY VIEW ALLOWED
-    \}
+    my @network_set = split(/ /, $local_network_setting );
+ 
+    for my $cur_network (@network_set) \{
+       $cur_network = "$cur_network/255.255.255.255" unless $cur_network =~ /[0-9.]*\/[0-9.]*/;
+ 
+        # Get server private IP address and mask for access to the local
+       # network  only
+       my @network_setting = split(/\//, $cur_network );
+       
+       # Check if the REMOTE_ADDR is within the range of the
+       # 'private' address  for this server
+       my $remote_addr = NetAddr::IP->new( $ENV{'REMOTE_ADDR'} );
+       if( $remote_addr->within( new NetAddr::IP @network_setting[0],   @network_setting[1] ) ) \{
+               return 1; # EXIT LOCAL HOST -> REPOSITORY VIEW ALLOWED
+       \}
+     \}
 
     # See if internet access is allowed on this repository.
     if ($properties\{'allow_access_from'\}) \{
1	diff -Nur smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook
2	--- smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook 2016-06-22 12:52:10.450000000 -0400
3	+++ smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook 2016-06-22 13:05:27.508000000 -0400
4	@@ -84,15 +84,22 @@
5	my %properties = $repository->props;
6
7	# Check if the request is from a local IP address for this host
8	-
9	- # Get server private IP address and mask for access to the local network only
10	- my @network_setting = split(/[\/ ]/, $local_network_setting );
11	-
12	- # Check if the REMOTE_ADDR is within the range of the 'private' address for this server
13	- my $remote_addr = NetAddr::IP->new( $ENV\{'REMOTE_ADDR'\} );
14	- if( $remote_addr->within( new NetAddr::IP @network_setting[1], @network_setting[2] ) ) \{
15	- return 1; # EXIT LOCAL HOST -> REPOSITORY VIEW ALLOWED
16	- \}
17	+ my @network_set = split(/ /, $local_network_setting );
18	+
19	+ for my $cur_network (@network_set) \{
20	+ $cur_network = "$cur_network/255.255.255.255" unless $cur_network =~ /[0-9.]\/[0-9.]/;
21	+
22	+ # Get server private IP address and mask for access to the local
23	+ # network only
24	+ my @network_setting = split(/\//, $cur_network );
25	+
26	+ # Check if the REMOTE_ADDR is within the range of the
27	+ # 'private' address for this server
28	+ my $remote_addr = NetAddr::IP->new( $ENV{'REMOTE_ADDR'} );
29	+ if( $remote_addr->within( new NetAddr::IP @network_setting[0], @network_setting[1] ) ) \{
30	+ return 1; # EXIT LOCAL HOST -> REPOSITORY VIEW ALLOWED
31	+ \}
32	+ \}
33
34	# See if internet access is allowed on this repository.
35	if ($properties\{'allow_access_from'\}) \{