From 1c4b2a634ee188a652b1b19e18df29641df8a256 Mon Sep 17 00:00:00 2001
From: ildyria <beviguier@gmail.com>
Date: Sun, 5 May 2024 14:00:23 +0200
Subject: [PATCH] support multiple hostnames, comma separated

---
 cmd/socket-proxy/handlehttprequest.go | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/cmd/socket-proxy/handlehttprequest.go b/cmd/socket-proxy/handlehttprequest.go
index f2441e9..ab462cf 100644
--- a/cmd/socket-proxy/handlehttprequest.go
+++ b/cmd/socket-proxy/handlehttprequest.go
@@ -6,6 +6,7 @@ import (
 	"log/slog"
 	"net"
 	"net/http"
+	"strings"
 )
 
 // handleHttpRequest checks if the request is allowed and sends it to the proxy.
@@ -61,14 +62,18 @@ func isAllowedClient(remoteAddr string) (bool, error) {
 		return allowedIPNet.Contains(clientIP), nil
 	} else {
 		// AllowFrom is not a valid CIDR, so try to resolve it via DNS
-		ips, err := net.LookupIP(cfg.AllowFrom)
-		if err != nil {
-			return false, errors.New("error looking up allowed client hostname: " + err.Error())
-		}
-		for _, ip := range ips {
-			// Check if IP address is one of the resolved IPs
-			if ip.Equal(clientIP) {
-				return true, nil
+		// split over comma to support multiple hostnames
+		allowFroms := strings.Split(cfg.AllowFrom, ",")
+		for _, allowFrom := range allowFroms {
+			ips, err := net.LookupIP(allowFrom)
+			if err != nil {
+				return false, errors.New("error looking up allowed client hostname: " + err.Error())
+			}
+			for _, ip := range ips {
+				// Check if IP address is one of the resolved IPs
+				if ip.Equal(clientIP) {
+					return true, nil
+				}
 			}
 		}
 		return false, nil