@@ -37,11 +37,17 @@ typedef struct {
3737} remoteip_proxymatch_t ;
3838
3939typedef struct {
40- /** The header to retrieve a proxy-via ip list */
40+ conn_rec * conn ;
41+ apr_sockaddr_t * remote_addr ;
42+ char * remote_ip ;
43+ } remoteip_cleanup_rec_t ;
44+
45+ typedef struct {
46+ /** The header to retrieve a proxy-via IP list */
4147 const char * header_name ;
4248 /** A header to record the proxied IP's
4349 * (removed as the physical connection and
44- * from the proxy-via ip header value list)
50+ * from the proxy-via IP header value list)
4551 */
4652 const char * proxies_header_name ;
4753 /** A list of trusted proxies, ideally configured
@@ -51,11 +57,11 @@ typedef struct {
5157} remoteip_config_t ;
5258
5359typedef struct {
54- apr_sockaddr_t * remote_addr ;
55- char * remote_ip ;
56- /** The list of proxy ip 's ignored as remote ip 's */
60+ apr_sockaddr_t * useragent_addr ;
61+ char * useragent_ip ;
62+ /** The list of proxy IP 's ignored as remote IP 's */
5763 const char * proxy_ips ;
58- /** The remaining list of untrusted proxied remote ip 's */
64+ /** The remaining list of untrusted proxied remote IP 's */
5965 const char * proxied_remote ;
6066} remoteip_req_t ;
6167
@@ -170,7 +176,7 @@ static const char *proxies_set(cmd_parms *cmd, void *cfg,
170176 }
171177
172178 if (rv != APR_SUCCESS ) {
173- char msgbuf [128 ];
179+ char msgbuf [MAX_STRING_LEN ];
174180 apr_strerror (rv , msgbuf , sizeof (msgbuf ));
175181 return apr_pstrcat (cmd -> pool , "RemoteIP: Error parsing IP " , arg ,
176182 " (" , msgbuf , " error) for " , cmd -> cmd -> name , NULL );
@@ -200,11 +206,12 @@ static const char *proxylist_read(cmd_parms *cmd, void *cfg,
200206 while (!(ap_cfg_getline (lbuf , MAX_STRING_LEN , cfp ))) {
201207 args = lbuf ;
202208 while (* (arg = ap_getword_conf (cmd -> temp_pool , & args )) != '\0' ) {
203- if (* arg == '#' || * arg == '\0' ) {
209+ if (* arg == '#' ) {
204210 break ;
205211 }
206212 errmsg = proxies_set (cmd , cfg , arg );
207213 if (errmsg ) {
214+ ap_cfg_closefile (cfp );
208215 errmsg = apr_psprintf (cmd -> pool , "%s at line %d of %s" ,
209216 errmsg , cfp -> line_number , filename );
210217 return errmsg ;
@@ -216,12 +223,20 @@ static const char *proxylist_read(cmd_parms *cmd, void *cfg,
216223 return NULL ;
217224}
218225
226+ static apr_status_t remoteip_cleanup (void * data ) {
227+ remoteip_cleanup_rec_t * cleanup_rec = (remoteip_cleanup_rec_t * )data ;
228+ cleanup_rec -> conn -> remote_addr = cleanup_rec -> remote_addr ;
229+ cleanup_rec -> conn -> remote_ip = cleanup_rec -> remote_ip ;
230+ return APR_SUCCESS ;
231+ }
232+
219233static int remoteip_modify_request (request_rec * r )
220234{
221235 conn_rec * c = r -> connection ;
222236 remoteip_config_t * config = (remoteip_config_t * )
223237 ap_get_module_config (r -> server -> module_config , & remoteip_module );
224238 remoteip_req_t * req = NULL ;
239+ remoteip_cleanup_rec_t * cleanup_rec ;
225240
226241 apr_sockaddr_t * temp_sa ;
227242
@@ -247,14 +262,14 @@ static int remoteip_modify_request(request_rec *r)
247262
248263 while (remote ) {
249264
250- /* verify c->remote_addr is trusted if there is a trusted proxy list
265+ /* verify user agent IP against the trusted proxy list
251266 */
252267 if (config -> proxymatch_ip ) {
253268 int i ;
254269 remoteip_proxymatch_t * match ;
255270 match = (remoteip_proxymatch_t * )config -> proxymatch_ip -> elts ;
256271 for (i = 0 ; i < config -> proxymatch_ip -> nelts ; ++ i ) {
257- if (apr_ipsubnet_test (match [i ].ip , c -> remote_addr )) {
272+ if (apr_ipsubnet_test (match [i ].ip , temp_sa )) {
258273 internal = match [i ].internal ;
259274 break ;
260275 }
@@ -291,7 +306,7 @@ static int remoteip_modify_request(request_rec *r)
291306 break ;
292307 }
293308
294- /* We map as IPv4 rather than IPv6 for equivilant host names
309+ /* We map as IPv4 rather than IPv6 for equivalent host names
295310 * or IPV4OVERIPV6
296311 */
297312 rv = apr_sockaddr_info_get (& temp_sa , parse_remote ,
@@ -310,7 +325,6 @@ static int remoteip_modify_request(request_rec *r)
310325 remote = parse_remote ;
311326 }
312327 break ;
313-
314328 }
315329
316330 addrbyte = (unsigned char * ) & temp_sa -> sa .sin .sin_addr ;
@@ -356,19 +370,19 @@ static int remoteip_modify_request(request_rec *r)
356370 req = (remoteip_req_t * ) apr_palloc (r -> pool , sizeof (remoteip_req_t ));
357371 }
358372
359- /* Set remote_ip string */
373+ /* Set useragent_ip string */
360374 if (!internal ) {
361375 if (proxy_ips ) {
362376 proxy_ips = apr_pstrcat (r -> pool , proxy_ips , ", " ,
363- c -> remote_ip , NULL );
377+ req -> useragent_ip , NULL );
364378 }
365379 else {
366- proxy_ips = c -> remote_ip ;
380+ proxy_ips = req -> useragent_ip ;
367381 }
368382 }
369383
370- req -> remote_addr = temp_sa ;
371- apr_sockaddr_ip_get (& req -> remote_ip , req -> remote_addr );
384+ req -> useragent_addr = temp_sa ;
385+ apr_sockaddr_ip_get (& req -> useragent_ip , req -> useragent_addr );
372386 }
373387
374388 /* Nothing happened? */
@@ -394,14 +408,21 @@ static int remoteip_modify_request(request_rec *r)
394408 }
395409 }
396410
397- c -> remote_addr = req -> remote_addr ;
398- c -> remote_ip = req -> remote_ip ;
411+ cleanup_rec = (remoteip_cleanup_rec_t * )apr_pcalloc (r -> pool , sizeof (remoteip_cleanup_rec_t ));
412+ cleanup_rec -> conn = c ;
413+ cleanup_rec -> remote_addr = c -> remote_addr ;
414+ cleanup_rec -> remote_ip = c -> remote_ip ;
415+ apr_pool_cleanup_register (r -> pool , cleanup_rec , remoteip_cleanup , apr_pool_cleanup_null );
416+
417+ c -> remote_addr = req -> useragent_addr ;
418+ c -> remote_ip = req -> useragent_ip ;
399419
400420 ap_log_rerror (APLOG_MARK , APLOG_INFO , 0 , r ,
401421 req -> proxy_ips
402422 ? "Using %s as client's IP by proxies %s"
403- : "Using %s as client's IP by internal proxies" ,
404- req -> remote_ip , req -> proxy_ips );
423+ : "Using %s as client's IP by internal proxies%s" ,
424+ req -> useragent_ip ,
425+ (req -> proxy_ips ? req -> proxy_ips : "" ));
405426 return OK ;
406427}
407428
0 commit comments