Affected by GO-2024-2430 and 4 other vulnerabilities

GO-2024-2430: Authenticated users can crash the CubeFS servers with maliciously crafted requests in github.com/cubefs/cubefs

GO-2024-2431: Insecure random string generator used for sensitive data in github.com/cubefs/cubefs

GO-2024-2432: CubeFS timing attack can leak user passwords in github.com/cubefs/cubefs

GO-2024-2433: CubeFS leaks magic secret key when starting Blobstore access service in github.com/cubefs/cubefs

GO-2024-2434: CubeFS leaks users key in logs in github.com/cubefs/cubefs

iputil

package

v2.2.1+incompatible Latest Latest Go to latest Published: Sep 7, 2020 License: Apache-2.0 Imports: 4 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

View Source

const DEFAULT_MAX_DISTANCE = 128

set default max distance from two ips to length of ipv6

This section is empty.

func FromRequest(r *http.Request) string

FromRequest return client's real public IP address from http request headers.

func GetDistance(a, b net.IP) int

func RealIP(r *http.Request) string

RealIP is depreciated, use FromRequest instead

This section is empty.