Ensure validation occurs on clone addresses too (#14994)

* Ensure validation occurs on clone addresses too Fix #14984 Signed-off-by: Andrew Thornton <art27@cantab.net> * fix lint Signed-off-by: Andrew Thornton <art27@cantab.net> * fix test Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix api tests Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2025-06-01 04:12:10 +00:00 · 2021-03-15 21:52:11 +00:00 · 2021-03-15 21:52:11 +00:00 · 6e423d5573
commit 6e423d5573
parent f268b4896b
10 changed files with 166 additions and 130 deletions
--- a/routers/repo/migrate.go
+++ b/routers/repo/migrate.go
@ -13,6 +13,7 @@ import (
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/context"
 	auth "code.gitea.io/gitea/modules/forms"
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/migrations"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
@ -97,7 +98,7 @@ func handleMigrateError(ctx *context.Context, owner *models.User, err error, nam
 		ctx.Data["Err_RepoName"] = true
 		ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), tpl, form)
 	default:
-		remoteAddr, _ := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword, owner)
+		remoteAddr, _ := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword)
 		err = util.URLSanitizedError(err, remoteAddr)
 		if strings.Contains(err.Error(), "Authentication failed") ||
 			strings.Contains(err.Error(), "Bad credentials") ||
@ -138,23 +139,36 @@ func MigratePost(ctx *context.Context) {
 		return
 	}

-	remoteAddr, err := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword, ctx.User)
+	remoteAddr, err := auth.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword)
+	if err == nil {
+		err = migrations.IsMigrateURLAllowed(remoteAddr, ctx.User)
+	}
 	if err != nil {
 		if models.IsErrInvalidCloneAddr(err) {
 			ctx.Data["Err_CloneAddr"] = true
-			addrErr := err.(models.ErrInvalidCloneAddr)
+			addrErr := err.(*models.ErrInvalidCloneAddr)
 			switch {
+			case addrErr.IsProtocolInvalid:
+				ctx.RenderWithErr(ctx.Tr("repo.mirror_address_protocol_invalid"), tpl, &form)
 			case addrErr.IsURLError:
 				ctx.RenderWithErr(ctx.Tr("form.url_error"), tpl, &form)
 			case addrErr.IsPermissionDenied:
-				ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied"), tpl, &form)
+				if len(addrErr.PrivateNet) == 0 {
+					ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied_private_ip"), tpl, &form)
+				} else if !addrErr.LocalPath {
+					ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied_blocked"), tpl, &form)
+				} else {
+					ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied"), tpl, &form)
+				}
 			case addrErr.IsInvalidPath:
 				ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_local_path"), tpl, &form)
 			default:
-				ctx.ServerError("Unknown error", err)
+				log.Error("Error whilst updating url: %v", err)
+				ctx.RenderWithErr(ctx.Tr("form.url_error"), tpl, &form)
 			}
 		} else {
-			ctx.ServerError("ParseRemoteAddr", err)
+			log.Error("Error whilst updating url: %v", err)
+			ctx.RenderWithErr(ctx.Tr("form.url_error"), tpl, &form)
 		}
 		return
 	}