-const char parsers_rcs[] = "$Id: parsers.c,v 1.140 2008/09/12 17:51:43 fabiankeil Exp $";
+const char parsers_rcs[] = "$Id: parsers.c,v 1.143 2008/09/21 13:36:52 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
*
* Revisions :
* $Log: parsers.c,v $
+ * Revision 1.143 2008/09/21 13:36:52 fabiankeil
+ * If change-x-forwarded-for{add} is used and the client
+ * sends multiple X-Forwarded-For headers, append the client's
+ * IP address to each one of them. "Traditionally" we would
+ * lose all but the last one.
+ *
+ * Revision 1.142 2008/09/20 10:04:33 fabiankeil
+ * Remove hide-forwarded-for-headers action which has
+ * been obsoleted by change-x-forwarded-for{block}.
+ *
+ * Revision 1.141 2008/09/19 15:26:28 fabiankeil
+ * Add change-x-forwarded-for{} action to block or add
+ * X-Forwarded-For headers. Mostly based on code removed
+ * before 3.0.7.
+ *
* Revision 1.140 2008/09/12 17:51:43 fabiankeil
* - A few style fixes.
* - Remove a pointless cast.
*********************************************************************/
jb_err client_x_forwarded(struct client_state *csp, char **header)
{
- int block_header = (((csp->action->flags & ACTION_HIDE_FORWARDED) != 0)
- || ((csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR) &&
- (0 == strcmpic(csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR], "block"))));
-
- if (block_header)
+ if (0 != (csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR))
{
- freez(*header);
- log_error(LOG_LEVEL_HEADER, "crunched x-forwarded-for!");
- }
- else if (0 == strcmpic(csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR], "add"))
- {
- /* Save it so we can re-add it later */
- freez(csp->x_forwarded_for);
- csp->x_forwarded_for = *header;
+ const char *parameter = csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR];
- /*
- * Always set *header = NULL, since this information
- * will be sent at the end of the header.
- */
- *header = NULL;
+ if (0 == strcmpic(parameter, "block"))
+ {
+ freez(*header);
+ log_error(LOG_LEVEL_HEADER, "crunched x-forwarded-for!");
+ }
+ else if (0 == strcmpic(parameter, "add"))
+ {
+ string_append(header, ", ");
+ string_append(header, csp->ip_addr_str);
+
+ if (*header == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+ log_error(LOG_LEVEL_HEADER,
+ "Appended client IP address to %s", *header);
+ csp->flags |= CSP_FLAG_X_FORWARDED_FOR_APPENDED;
+ }
+ else
+ {
+ log_error(LOG_LEVEL_FATAL,
+ "Invalid change-x-forwarded-for parameter: '%s'", parameter);
+ }
}
return JB_ERR_OK;
char *header = NULL;
jb_err err;
- if (!((csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR) &&
- (0 == strcmpic(csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR], "add"))))
+ if (!((csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR)
+ && (0 == strcmpic(csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR], "add")))
+ || (csp->flags & CSP_FLAG_X_FORWARDED_FOR_APPENDED))
{
+ /*
+ * If we aren't adding X-Forwarded-For headers,
+ * or we already appended an existing X-Forwarded-For
+ * header, there's nothing left to do here.
+ */
return JB_ERR_OK;
}
- if (csp->x_forwarded_for)
- {
- header = strdup(csp->x_forwarded_for);
- string_append(&header, ", ");
- }
- else
- {
- header = strdup("X-Forwarded-For: ");
- }
+ header = strdup("X-Forwarded-For: ");
string_append(&header, csp->ip_addr_str);
if (header == NULL)