auth: fix HTTP_REVER checks by reverts for now

This reverts commit 92a5f77a.
This reverts commit 681f654c.

src/etc/inc/auth.inc

@@ -38,7 +38,8 @@
 
 /* include globals from notices.inc /utility/XML parser files */
 require_once("radius.inc");
-
+require_once("interfaces.inc");
+require_once("util.inc");
 
 // Will be changed to false if security checks fail
 $security_passed = true;
@@ -147,8 +148,20 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui']['
 					}
 
 			if(!$found_host) {
-				$found_host = isAuthLocalIP($referrer_host) ;
-
+				$interface_list_ips = get_configured_ip_addresses();
+				foreach($interface_list_ips as $ilips) {
+					if(strcasecmp($referrer_host, $ilips) == 0) {
+						$found_host = true;
+						break;
+					}
+				}
+				$interface_list_ipv6s = get_configured_ipv6_addresses();
+				foreach($interface_list_ipv6s as $ilipv6s) {
+					if(strcasecmp($referrer_host, $ilipv6s) == 0) {
+						$found_host = true;
+						break;
+					}
+				}
 				if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") {
 					// allow SSH port forwarded connections and links from localhost
 					$found_host = true;
@@ -175,35 +188,6 @@ unset($security_passed);
 $groupindex = index_groups();
 $userindex = index_users();
 
-/**
- * check if $http_host is a local configured ip address
- */
-function isAuthLocalIP($http_host) {
-    global $config;
-    $local_ip = false;
-    if (isset($config['interfaces'])) {
-	foreach($config['interfaces'] as $if => $ifdetail) {
-		if (isset($ifdetail['enable'])) {
-			if (isset($ifdetail['ipaddr']) && $ifdetail['ipaddr'] == $http_host) {
-				$local_ip = true;
-			} elseif (isset($ifdetail['ipaddr6']) && $ifdetail['ipaddr6'] == $http_host) {
-				$local_ip = true;
-			}
-		}
-	}
-    }
-
-    if (isset($config['virtualip']['vip'])) {
-        foreach ($config['virtualip']['vip'] as $vip) {
-            if ($vip['subnet'] == $http_host) {
-                $local_ip = true;
-            }
-        }
-    }
-
-    return $local_ip;
-}
-
 function index_groups()
 {
 	global $config, $groupindex;

src/etc/inc/authgui.inc

@@ -31,6 +31,7 @@
 */
 
 require_once("auth.inc");
+require_once("filter.inc");
 
 // provided via legacy_bindings.inc
 global $priv_list;
@@ -385,6 +386,7 @@ function display_login_form()
 
     /* Check against locally configured IP addresses, which will catch when someone
 	   port forwards WebGUI access from WAN to an internal IP on the router. */
+    $FilterIflist = filter_generate_optcfg_array() ;
     $local_ip = false;
     if (strstr($_SERVER['HTTP_HOST'], ":")) {
         $http_host_port = explode(":", $_SERVER['HTTP_HOST']);
@@ -392,10 +394,22 @@ function display_login_form()
     } else {
         $http_host = $_SERVER['HTTP_HOST'];
     }
+    foreach ($FilterIflist as $iflist) {
+        if ($iflist['ip'] == $http_host) {
+            $local_ip = true;
+        }
+        if ($iflist['ipv6'] == $http_host) {
+            $local_ip = true;
+        }
+    }
 
-    // fix, local ip check was previously done using "filter_generate_optcfg_array" which basically includes alomst everything here.
-    // this should do the trick as well.
-    $local_ip = isAuthLocalIP($http_host);
+    if (isset($config['virtualip']['vip'])) {
+        foreach ($config['virtualip']['vip'] as $vip) {
+            if ($vip['subnet'] == $http_host) {
+                $local_ip = true;
+            }
+        }
+    }
 
     if (isset($config['openvpn']['openvpn-server'])) {
         foreach ($config['openvpn']['openvpn-server'] as $ovpns) {