diff --git a/radicale/auth/__init__.py b/radicale/auth/__init__.py
index 62a7b34f..e85419f4 100644
--- a/radicale/auth/__init__.py
+++ b/radicale/auth/__init__.py
@@ -55,15 +55,34 @@ CACHE_LOGIN_TYPES: Sequence[str] = (
     "pam",
     )
 
+INSECURE_IF_NO_LOOPBACK_TYPES: Sequence[str] = (
+    "remote_user",
+    "http_x_remote_user",
+    )
+
 AUTH_SOCKET_FAMILY: Sequence[str] = ("AF_UNIX", "AF_INET", "AF_INET6")
 
 
 def load(configuration: "config.Configuration") -> "BaseAuth":
     """Load the authentication module chosen in configuration."""
-    if configuration.get("auth", "type") == "none":
-        logger.warning("No user authentication is selected: '[auth] type=none' (insecure)")
-    if configuration.get("auth", "type") == "denyall":
-        logger.warning("All access is blocked by: '[auth] type=denyall'")
+    _type = configuration.get("auth", "type")
+    if _type == "none":
+        logger.warning("No user authentication is selected: '[auth] type=none' (INSECURE)")
+    elif _type == "denyall":
+        logger.warning("All user authentication is blocked by: '[auth] type=denyall'")
+    elif _type in INSECURE_IF_NO_LOOPBACK_TYPES:
+        hosts: List[Tuple[str, int]] = configuration.get("server", "hosts")
+        localhost_only = True
+        address_lo = []
+        address = []
+        for address_port in hosts:
+            if address_port[0] in [ "localhost", "localhost6", "127.0.0.1", "::1" ]:
+                address_lo.append(utils.format_address(address_port))
+            else:
+                address.append(utils.format_address(address_port))
+                localhost_only = False
+        if localhost_only is False:
+            logger.warning("User authentication '[auth] type=%s' is selected but server is not only listen on loopback address (potentially INSECURE): %s", _type, " ".join(address))
     return utils.load_plugin(INTERNAL_TYPES, "auth", "Auth", BaseAuth, configuration)
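Review bot: The loopback test added in `load()` (`if address_port[0] in [ "localhost", "localhost6", "127.0.0.1", "::1" ]:`) decides by literal string equality, so any other loopback notation — `127.0.0.2` or anything else in 127/8, or a differently written `::1` — is reported as a non-loopback bind and triggers a spurious warning, while the two names are only matched if spelled exactly. Since this warning is the only signal that `remote_user`/`http_x_remote_user` is trusting a header arriving over a network path, deciding with `ipaddress.ip_address(host).is_loopback` (plus the two hostnames, with a `ValueError` fallback for names) is more robust and costs one `import ipaddress` at the top of the module; while there, `address_lo` is collected but never read, and `localhost_only` is redundant because `if address:` carries the same information. The hunk does not show whether `List` and `Tuple` are imported from `typing` in this module; Python does not evaluate local-variable annotations at runtime, but the project's type checker will flag the `hosts` annotation if they are missing. A loopback-only bind also only protects this mode when the reverse proxy strips or overwrites the client-supplied header, which the warning text could say, e.g. `... (potentially INSECURE: the reverse proxy must set this header itself): %s`.
```python
def _is_loopback_host(host: str) -> bool:
    """Return True for loopback hostnames and any 127/8 or ::1 address."""
    if host in ("localhost", "localhost6"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # not an IP literal (e.g. a hostname): treat as remote
        return False

# … unchanged: load() up to the INSECURE_IF_NO_LOOPBACK_TYPES branch …
    elif _type in INSECURE_IF_NO_LOOPBACK_TYPES:
        hosts: List[Tuple[str, int]] = configuration.get("server", "hosts")
        address = [utils.format_address(address_port)
                   for address_port in hosts
                   if not _is_loopback_host(address_port[0])]
        if address:
            # … unchanged: logger.warning(...) with _type and " ".join(address) …
```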