From 6e423d5573c20b78d6e21cb044e8f4d5de5b288a Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Mon, 15 Mar 2021 21:52:11 +0000
Subject: Ensure validation occurs on clone addresses too (#14994)

* Ensure validation occurs on clone addresses too

Fix #14984

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix api tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
---
 routers/api/v1/repo/migrate.go | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

(limited to 'routers/api')

diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go
index 61cd12b991..1eefa78d57 100644
--- a/routers/api/v1/repo/migrate.go
+++ b/routers/api/v1/repo/migrate.go
@@ -96,15 +96,24 @@ func Migrate(ctx *context.APIContext) {
 		}
 	}
 
-	remoteAddr, err := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword, ctx.User)
+	remoteAddr, err := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword)
+	if err == nil {
+		err = migrations.IsMigrateURLAllowed(remoteAddr, ctx.User)
+	}
 	if err != nil {
 		if models.IsErrInvalidCloneAddr(err) {
-			addrErr := err.(models.ErrInvalidCloneAddr)
+			addrErr := err.(*models.ErrInvalidCloneAddr)
 			switch {
 			case addrErr.IsURLError:
 				ctx.Error(http.StatusUnprocessableEntity, "", err)
 			case addrErr.IsPermissionDenied:
-				ctx.Error(http.StatusUnprocessableEntity, "", "You are not allowed to import local repositories.")
+				if addrErr.LocalPath {
+					ctx.Error(http.StatusUnprocessableEntity, "", "You are not allowed to import local repositories.")
+				} else if len(addrErr.PrivateNet) == 0 {
+					ctx.Error(http.StatusUnprocessableEntity, "", "You are not allowed to import from blocked hosts.")
+				} else {
+					ctx.Error(http.StatusUnprocessableEntity, "", "You are not allowed to import from private IPs.")
+				}
 			case addrErr.IsInvalidPath:
 				ctx.Error(http.StatusUnprocessableEntity, "", "Invalid local path, it does not exist or not a directory.")
 			default:
@@ -219,7 +228,7 @@ func handleMigrateError(ctx *context.APIContext, repoOwner *models.User, remoteA
 		ctx.Error(http.StatusUnprocessableEntity, "", fmt.Sprintf("The username '%s' contains invalid characters.", err.(models.ErrNameCharsNotAllowed).Name))
 	case models.IsErrNamePatternNotAllowed(err):
 		ctx.Error(http.StatusUnprocessableEntity, "", fmt.Sprintf("The pattern '%s' is not allowed in a username.", err.(models.ErrNamePatternNotAllowed).Pattern))
-	case models.IsErrMigrationNotAllowed(err):
+	case models.IsErrInvalidCloneAddr(err):
 		ctx.Error(http.StatusUnprocessableEntity, "", err)
 	case base.IsErrNotSupported(err):
 		ctx.Error(http.StatusUnprocessableEntity, "", err)
-- 
cgit v1.2.3