Import upstream version 0.6+git20170804.1.f0e8c5c
Debian Janitor
2 years ago
0 | .pc |
0 | libapache2-mod-rpaf (0.6-4) experimental; urgency=low | |
1 | ||
2 | The mod_remoteip (part of the Apache distribution since 2.4 and included | |
3 | in the apache2-bin Debian package) can be used for the same purpose: | |
4 | http://httpd.apache.org/docs/2.4/mod/mod_remoteip.html | |
5 | ||
6 | Thus, this module should be considered as deprecated and will be | |
7 | dropped after Wheezy. | |
8 | ||
9 | -- Sergey B Kirpichev <skirpichev@gmail.com> Sat, 07 Apr 2012 16:18:49 +0400 |
0 | libapache2-mod-rpaf for Debian | |
1 | ------------------------------ | |
2 | ||
3 | The mod_remoteip, available in the Apache 2.4 (Debian Jessie) | |
4 | can be used for the same purpose: | |
5 | http://httpd.apache.org/docs/2.4/mod/mod_remoteip.html | |
6 | ||
7 | This module should be considered as deprecated after Jessie. | |
8 | ||
9 | ||
10 | Transition to the remoteip module | |
11 | --------------------------------- | |
12 | ||
13 | The following configuraion snippet for mod_remoteip match the | |
14 | default mod_rpaf's configuration: | |
15 | -->8-- | |
16 | <IfModule remoteip_module> | |
17 | RemoteIPInternalProxy 127.0.0.1 ::1 | |
18 | RemoteIPHeader X-Forwarded-For | |
19 | # RemoteIPHeader X-Real-IP | |
20 | </IfModule> | |
21 | -->8-- | |
22 | ||
23 | You should add this (along with local customisations) to the | |
24 | /etc/apache2/mods-available/mod_remoteip.conf file, then do: | |
25 | ||
26 | a2enmod remoteip | |
27 | a2dismod rpaf | |
28 | service apache2 restart | |
29 | ||
30 | At this point you could remove the libapache2-mod-rpaf package. |
0 | libapache2-mod-rpaf (0.6-13) unstable; urgency=medium | |
1 | ||
2 | * Fix homepage field and watch file | |
3 | ||
4 | -- Sergey B Kirpichev <skirpichev@gmail.com> Wed, 01 Oct 2014 21:27:02 +0400 | |
5 | ||
6 | libapache2-mod-rpaf (0.6-12) unstable; urgency=low | |
7 | ||
8 | * Add transition notes | |
9 | * Fix lintian error: vcs-field-not-canonical | |
10 | * Bump up Standards-Version (to 3.9.5) | |
11 | * Add --no-silent to LTFLAGS | |
12 | * Restore 030_ipv6.patch, removed by QA upload in 0.6-1 (Closes: #726529) | |
13 | * Refresh patches | |
14 | ||
15 | -- Sergey B Kirpichev <skirpichev@gmail.com> Fri, 24 Jan 2014 10:24:27 +0400 | |
16 | ||
17 | libapache2-mod-rpaf (0.6-11) unstable; urgency=low | |
18 | ||
19 | * Repackage from experimental to sid (Closes: #709463) | |
20 | ||
21 | -- Sergey B Kirpichev <skirpichev@gmail.com> Sun, 16 Jun 2013 15:23:44 +0400 | |
22 | ||
23 | libapache2-mod-rpaf (0.6-10) experimental; urgency=low | |
24 | ||
25 | * Drop workaround for #666875 | |
26 | * Drop postinst/prerm scripts | |
27 | ||
28 | -- Sergey B Kirpichev <skirpichev@gmail.com> Wed, 29 May 2013 19:23:06 +0400 | |
29 | ||
30 | libapache2-mod-rpaf (0.6-9) unstable; urgency=low | |
31 | ||
32 | * Readd patch 010 (removed in QA upload), LP: #1106821 | |
33 | * Revert back Homepage: and watch file. http://stderr.net/ seems | |
34 | to be alive. | |
35 | ||
36 | -- Sergey B Kirpichev <skirpichev@gmail.com> Thu, 28 Feb 2013 19:45:11 +0400 | |
37 | ||
38 | libapache2-mod-rpaf (0.6-8) unstable; urgency=low | |
39 | ||
40 | * Do force-reload in maintainer scripts only if apache2 configs is ok | |
41 | * Drop DMUA, fix lintian warning | |
42 | * Bump up Standards-Version (to 3.9.4) | |
43 | * Drop Homepage and watch file | |
44 | ||
45 | -- Sergey B Kirpichev <skirpichev@gmail.com> Thu, 27 Dec 2012 14:10:06 +0400 | |
46 | ||
47 | libapache2-mod-rpaf (0.6-7) unstable; urgency=low | |
48 | ||
49 | * Fix FTBS on a number of archs: add -D_LARGEFILE64_SOURCE to CFLAGS | |
50 | ||
51 | -- Sergey B Kirpichev <skirpichev@gmail.com> Thu, 21 Jun 2012 11:35:07 +0400 | |
52 | ||
53 | libapache2-mod-rpaf (0.6-6) unstable; urgency=low | |
54 | ||
55 | * Pass hardening CFLAGS/CPPFLAGS to apxs2 | |
56 | * Add VCS-* fields | |
57 | ||
58 | -- Sergey B Kirpichev <skirpichev@gmail.com> Fri, 15 Jun 2012 16:25:03 +0400 | |
59 | ||
60 | libapache2-mod-rpaf (0.6-5) unstable; urgency=low | |
61 | ||
62 | * Reformat debian/copyright according to accepted DEP5 spec | |
63 | * Bump up Standards-Version to 3.9.3 (no changes) | |
64 | * Renamed: debian/docs -> debian/libapache2-mod-rpaf.docs | |
65 | * Update deprecation warning | |
66 | * Change dh compat to 9, enable hardening support | |
67 | ||
68 | -- Sergey B Kirpichev <skirpichev@gmail.com> Fri, 01 Jun 2012 15:40:41 +0400 | |
69 | ||
70 | libapache2-mod-rpaf (0.6-4) experimental; urgency=low | |
71 | ||
72 | * Reformat debian/copyright according to accepted DEP5 spec | |
73 | * Bump up Standards-Version to 3.9.3 (no changes) | |
74 | * Added "DM-Upload-Allowed: yes" control field | |
75 | * Update Build-Depends and Depends for Apache 2.4 | |
76 | * Switch to dh_apache2 | |
77 | * Renamed: debian/docs -> debian/libapache2-mod-rpaf.docs | |
78 | * Override dh_fixperms for #666875 | |
79 | * Add Apache 2.4 compatibility (Closes: #666792) | |
80 | * Patch 02 for missing header (for inet_addr) | |
81 | * Move deprecation warning to NEWS file, drop README.Debian | |
82 | ||
83 | -- Sergey B Kirpichev <skirpichev@gmail.com> Sat, 07 Apr 2012 16:32:59 +0400 | |
84 | ||
85 | libapache2-mod-rpaf (0.6-3) unstable; urgency=low | |
86 | ||
87 | * Fixed module naming stuff in rpaf.conf (Thanks to Alexander | |
88 | Kuznetsov). Closes: #653330. | |
89 | * Reformat rpaf.conf, add some commentaries from README.Debian | |
90 | * Add deprecation warning in README.Debian | |
91 | * Move debian/conf/* to debian/ | |
92 | * Add newline at the end of postinst | |
93 | * Delete unneded debian/dirs file | |
94 | * Override dh_auto_install | |
95 | * Update version in debian/watch | |
96 | ||
97 | -- Sergey B Kirpichev <skirpichev@gmail.com> Wed, 07 Dec 2011 16:32:54 +0400 | |
98 | ||
99 | libapache2-mod-rpaf (0.6-2) unstable; urgency=low | |
100 | ||
101 | * New maintainer (Closes: #636732) | |
102 | * Use DEP5 debian/copyright format | |
103 | * Removed override for dh_auto_install (used debian/install file) | |
104 | * Cleanup override_dh_auto_clean and override_dh_auto_build | |
105 | * Set section for the package to httpd | |
106 | ||
107 | -- Sergey B Kirpichev <skirpichev@gmail.com> Fri, 07 Oct 2011 21:48:54 +0400 | |
108 | ||
109 | libapache2-mod-rpaf (0.6-1) unstable; urgency=low | |
110 | ||
111 | * QA upload. | |
112 | * New upstream release. (Closes: #468460) | |
113 | + You can now set the header to parse for the real IP. (Closes: #386630) | |
114 | + Move change_remote_ip handler to APR_HOOK_FIRST. (Closes: #386628) | |
115 | * Remove all old patches. | |
116 | * Change Maintainer to QA, thanks to Piotr Roszatycki for maintaining | |
117 | this package in the past. | |
118 | * Replace debian/rules with a dh version and some overrides. (Closes: #636893) | |
119 | * Remove non working Vcs-* entries from debian/control. | |
120 | * Build-Depend on debhelper and apache2-threaded-dev instead of yada. | |
121 | * Add a debian/compat 8 file. | |
122 | * Add source/format 3.0 quilt. | |
123 | * Add ${shlibs:Depends}, ${misc:Depends}, apache2 | apache2-mpm to Depends. | |
124 | * Remove ${libapache2-mod-rpaf:Depends} from Depends. | |
125 | * Add debian/dirs to create the installation directory. | |
126 | * Add a regular debian/copyright file. | |
127 | * Add postinst and prerm scripts to enable/disable the module. | |
128 | * Increase Standards-Version to 3.9.2 - no changes required beside | |
129 | the reworking of the package. | |
130 | * Add information about RPAFheader to README.Debian. | |
131 | * Add ::1 to RPAFproxy_ips in the default configuration. | |
132 | ||
133 | -- Sven Hoexter <hoexter@debian.org> Sun, 04 Sep 2011 18:11:18 +0200 | |
134 | ||
135 | libapache2-mod-rpaf (0.5-3) unstable; urgency=low | |
136 | ||
137 | * Rename source package name from libapache-mod-rpaf to libapache2-mod-rpaf. | |
138 | * Dropped Apache 1.3 support. Closes: #429131. | |
139 | * Resolved problem with keepalive requests. Closes: #345648. | |
140 | * Support for IPv6-enabled webservers. Closes: #409521, #414450. | |
141 | * Support for multiple hostnames in X-Forwarded-Host header. Closes: #416387. | |
142 | * Get last address in the header which is not in RPAFproxy_ips. Closes: #377190. | |
143 | ||
144 | -- Piotr Roszatycki <dexter@debian.org> Tue, 30 Oct 2007 13:38:58 +0100 | |
145 | ||
146 | libapache-mod-rpaf (0.5-2.1) unstable; urgency=low | |
147 | ||
148 | * Non-maintainer upload to update dependency on an uninstallable package. | |
149 | * Updated the dependency of libapache2-mod-suphp to apache2.2-common. | |
150 | (Closes: #391753) | |
151 | * Added a call to apr-1-config --cppflags to get the correct CFLAGS at | |
152 | build time. | |
153 | ||
154 | -- Margarita Manterola <marga@debian.org> Wed, 18 Oct 2006 14:20:31 -0300 | |
155 | ||
156 | libapache-mod-rpaf (0.5-2) unstable; urgency=low | |
157 | ||
158 | * Add rpaf.conf with base configuration. | |
159 | ||
160 | -- Piotr Roszatycki <dexter@debian.org> Wed, 16 Mar 2005 11:08:47 +0100 | |
161 | ||
162 | libapache-mod-rpaf (0.5-1) unstable; urgency=low | |
163 | ||
164 | * New upstream release. | |
165 | * New libapache2-mod-rpaf binary package. | |
166 | * This version fixes bug with incorrect log entries. Closes: #262050. | |
167 | * Fixed typo in package description. Closes: #268519, #277225. | |
168 | ||
169 | -- Piotr Roszatycki <dexter@debian.org> Mon, 28 Feb 2005 11:02:21 +0100 | |
170 | ||
171 | libapache-mod-rpaf (0.4-1) unstable; urgency=low | |
172 | ||
173 | * New upstream release. | |
174 | * Fixed Origin field in debian/control, closes: #154412 | |
175 | ||
176 | -- Piotr Roszatycki <dexter@debian.org> Tue, 19 Aug 2003 17:35:38 +0200 | |
177 | ||
178 | libapache-mod-rpaf (0.3-2) unstable; urgency=low | |
179 | ||
180 | * Safe postinst script. | |
181 | * Fixes minor spelling error, closes: #124888 | |
182 | ||
183 | -- Piotr Roszatycki <dexter@debian.org> Thu, 11 Apr 2002 11:37:47 +0200 | |
184 | ||
185 | libapache-mod-rpaf (0.3-1) unstable; urgency=high | |
186 | ||
187 | * New upstream release | |
188 | * Fixes bug with memory leaking | |
189 | ||
190 | -- Piotr Roszatycki <dexter@debian.org> Fri, 5 Oct 2001 07:20:39 +0000 | |
191 | ||
192 | libapache-mod-rpaf (0.2-1) unstable; urgency=low | |
193 | ||
194 | * New upstream release | |
195 | ||
196 | -- Piotr Roszatycki <dexter@debian.org> Tue, 2 Oct 2001 13:35:37 +0000 | |
197 | ||
198 | libapache-mod-rpaf (0.1-1) unstable; urgency=low | |
199 | ||
200 | * Initial Debian version. | |
201 | ||
202 | -- Piotr Roszatycki <dexter@debian.org> Thu, 30 Aug 2001 16:49:42 +0200 | |
203 |
0 | 9 |
0 | Source: libapache2-mod-rpaf | |
1 | Maintainer: Sergey B Kirpichev <skirpichev@gmail.com> | |
2 | Section: httpd | |
3 | Priority: extra | |
4 | Standards-Version: 3.9.6 | |
5 | Build-Depends: debhelper (>= 9), dh-apache2, apache2-dev (>= 2.4.2-1~) | |
6 | Vcs-Git: git://anonscm.debian.org/collab-maint/libapache2-mod-rpaf.git | |
7 | Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/libapache2-mod-rpaf.git;a=summary | |
8 | Homepage: http://www.stderr.net/apache/rpaf/ | |
9 | ||
10 | Package: libapache2-mod-rpaf | |
11 | Architecture: any | |
12 | Depends: ${shlibs:Depends}, ${misc:Depends} | |
13 | Description: module for Apache2 which takes the last IP from the 'X-Forwarded-For' header | |
14 | rpaf is short for reverse proxy add forward. | |
15 | . | |
16 | rpaf is for backend Apache servers what mod_proxy_add_forward is for | |
17 | frontend Apache servers. It does exactly the opposite of | |
18 | mod_proxy_add_forward written by Ask Bjorn Hansen. | |
19 | . | |
20 | It changes the remote address of the client visible to other Apache modules | |
21 | when two conditions are satisfied. First condition is that the remote client | |
22 | is actually a proxy that is defined in httpd.conf. Secondly if there is an | |
23 | incoming X-Forwarded-For header and the proxy is in its list of known | |
24 | proxies it takes the last IP from the incoming X-Forwarded-For header and | |
25 | changes the remote address of the client in the request structure. |
0 | Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ | |
1 | Upstream-Name: mod_rpaf | |
2 | Upstream-Contact: Thomas Eibner <thomas@stderr.net> | |
3 | Source: http://stderr.net/apache/rpaf/ | |
4 | ||
5 | Files: * | |
6 | Copyright: 2001-2011, Thomas Eibner <thomas@stderr.net> | |
7 | License: Apache | |
8 | ==================================================================== | |
9 | Copyright (c) 1995 The Apache Group. All rights reserved. | |
10 | . | |
11 | Redistribution and use in source and binary forms, with or without | |
12 | modification, are permitted provided that the following conditions | |
13 | are met: | |
14 | . | |
15 | 1. Redistributions of source code must retain the above copyright | |
16 | notice, this list of conditions and the following disclaimer. | |
17 | . | |
18 | 2. Redistributions in binary form must reproduce the above copyright | |
19 | notice, this list of conditions and the following disclaimer in | |
20 | the documentation and/or other materials provided with the | |
21 | distribution. | |
22 | 3. All advertising materials mentioning features or use of this | |
23 | software must display the following acknowledgment: | |
24 | "This product includes software developed by the Apache Group | |
25 | for use in the Apache HTTP server project (http://www.apache.org/)." | |
26 | 4. The names "Apache Server" and "Apache Group" must not be used to | |
27 | endorse or promote products derived from this software without | |
28 | prior written permission. | |
29 | . | |
30 | 5. Redistributions of any form whatsoever must retain the following | |
31 | acknowledgment: | |
32 | "This product includes software developed by the Apache Group | |
33 | for use in the Apache HTTP server project (http://www.apache.org/)." | |
34 | . | |
35 | THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY | |
36 | EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
37 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
38 | PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR | |
39 | IT'S CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
40 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
41 | NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
42 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
43 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
44 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
45 | ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
46 | OF THE POSSIBILITY OF SUCH DAMAGE. | |
47 | ==================================================================== | |
48 | . | |
49 | This software consists of voluntary contributions made by many | |
50 | individuals on behalf of the Apache Group and was originally based | |
51 | on public domain software written at the National Center for | |
52 | Supercomputing Applications, University of Illinois, Urbana-Champaign. | |
53 | For more information on the Apache Group and the Apache HTTP server | |
54 | project, please see <http://www.apache.org/>. | |
55 | ||
56 | Files: debian/* | |
57 | Copyright: 2001-2010, Piotr Roszatycki <dexter@debian.org> | |
58 | 2011, Sven Hoexter <hoexter@debian.org> | |
59 | 2011-2012, Sergey B Kirpichev <skirpichev@gmail.com> | |
60 | License: GPL-2+ | |
61 | On Debian GNU/Linux systems, the complete text of the GNU General | |
62 | Public License (GPL) version 2 can be found at | |
63 | /usr/share/common-licenses/GPL-2. |
0 | README |
0 | Description: Use the last value from the X-Forwarded-For header, which | |
1 | is not in RPAFproxy_ips as the client IP, falling back to the first one | |
2 | if they are all known proxies. | |
3 | Author: Dagfinn Ilmari Mannsåker <ilmari@ilmari.org> | |
4 | ||
5 | --- | |
6 | mod_rpaf-2.0.c | 12 +++++++++++- | |
7 | 1 file changed, 11 insertions(+), 1 deletion(-) | |
8 | ||
9 | --- a/mod_rpaf-2.0.c | |
10 | +++ b/mod_rpaf-2.0.c | |
11 | @@ -154,6 +154,16 @@ | |
12 | return APR_SUCCESS; | |
13 | } | |
14 | ||
15 | +static char* last_not_in_array(apr_array_header_t *forwarded_for, | |
16 | + apr_array_header_t *proxy_ips) { | |
17 | + int i; | |
18 | + for (i = (forwarded_for->nelts)-1; i > 0; i--) { | |
19 | + if (!is_in_array(((char **)forwarded_for->elts)[i], proxy_ips)) | |
20 | + break; | |
21 | + } | |
22 | + return ((char **)forwarded_for->elts)[i]; | |
23 | +} | |
24 | + | |
25 | static int change_remote_ip(request_rec *r) { | |
26 | const char *fwdvalue; | |
27 | char *val; | |
28 | @@ -185,7 +195,7 @@ | |
29 | rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip); | |
30 | rcr->r = r; | |
31 | apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); | |
32 | - r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]); | |
33 | + r->connection->remote_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); | |
34 | r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); | |
35 | apr_sockaddr_t *tmpsa; | |
36 | int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); |
0 | Description: Apache 2.4 compatibility patch | |
1 | Author: Sergey B Kirpichev <skirpichev@gmail.com> | |
2 | Bug-Debian: http://bugs.debian.org/666792 | |
3 | ||
4 | --- | |
5 | mod_rpaf-2.0.c | 23 ++++++++++++++--------- | |
6 | 1 file changed, 14 insertions(+), 9 deletions(-) | |
7 | ||
8 | --- a/mod_rpaf-2.0.c | |
9 | +++ b/mod_rpaf-2.0.c | |
10 | @@ -84,7 +84,7 @@ typedef struct { | |
11 | } rpaf_server_cfg; | |
12 | ||
13 | typedef struct { | |
14 | - const char *old_ip; | |
15 | + const char *old_ip, *old_cip; | |
16 | request_rec *r; | |
17 | } rpaf_cleanup_rec; | |
18 | ||
19 | @@ -149,8 +149,10 @@ static int is_in_array(const char *remot | |
20 | ||
21 | static apr_status_t rpaf_cleanup(void *data) { | |
22 | rpaf_cleanup_rec *rcr = (rpaf_cleanup_rec *)data; | |
23 | - rcr->r->connection->remote_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip); | |
24 | - rcr->r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->remote_ip); | |
25 | + rcr->r->useragent_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip); | |
26 | + rcr->r->useragent_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->useragent_ip); | |
27 | + rcr->r->connection->client_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_cip); | |
28 | + rcr->r->connection->client_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->client_ip); | |
29 | return APR_SUCCESS; | |
30 | } | |
31 | ||
32 | @@ -173,7 +175,7 @@ static int change_remote_ip(request_rec | |
33 | if (!cfg->enable) | |
34 | return DECLINED; | |
35 | ||
36 | - if (is_in_array(r->connection->remote_ip, cfg->proxy_ips) == 1) { | |
37 | + if (is_in_array(r->useragent_ip, cfg->proxy_ips) == 1) { | |
38 | /* check if cfg->headername is set and if it is use | |
39 | that instead of X-Forwarded-For by default */ | |
40 | if (cfg->headername && (fwdvalue = apr_table_get(r->headers_in, cfg->headername))) { | |
41 | @@ -192,15 +194,18 @@ static int change_remote_ip(request_rec | |
42 | if (*fwdvalue != '\0') | |
43 | ++fwdvalue; | |
44 | } | |
45 | - rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip); | |
46 | + rcr->old_ip = apr_pstrdup(r->connection->pool, r->useragent_ip); | |
47 | + rcr->old_cip = apr_pstrdup(r->connection->pool, r->connection->client_ip); | |
48 | rcr->r = r; | |
49 | apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); | |
50 | - r->connection->remote_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); | |
51 | - r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); | |
52 | + r->useragent_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); | |
53 | + r->useragent_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->useragent_ip); | |
54 | + r->connection->client_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); | |
55 | + r->connection->client_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->client_ip); | |
56 | apr_sockaddr_t *tmpsa; | |
57 | - int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); | |
58 | + int ret = apr_sockaddr_info_get(&tmpsa, r->useragent_ip, APR_UNSPEC, r->useragent_addr->port, 0, r->useragent_addr->pool); | |
59 | if (ret == APR_SUCCESS) | |
60 | - memcpy(r->connection->remote_addr, tmpsa, sizeof(apr_sockaddr_t)); | |
61 | + memcpy(r->useragent_addr, tmpsa, sizeof(apr_sockaddr_t)); | |
62 | if (cfg->sethostname) { | |
63 | const char *hostvalue; | |
64 | if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) { |
0 | Description: Add missing header for inet_addr | |
1 | Author: Sergey B Kirpichev <skirpichev@gmail.com> | |
2 | ||
3 | --- | |
4 | mod_rpaf-2.0.c | 1 + | |
5 | 1 file changed, 1 insertion(+) | |
6 | ||
7 | --- a/mod_rpaf-2.0.c | |
8 | +++ b/mod_rpaf-2.0.c | |
9 | @@ -64,6 +64,7 @@ | |
10 | * | |
11 | */ | |
12 | ||
13 | +#include <arpa/inet.h> | |
14 | #include "httpd.h" | |
15 | #include "http_config.h" | |
16 | #include "http_core.h" |
0 | Description: ipv6 fixes | |
1 | Author: Piotr Roszatycki <dexter@debian.org> | |
2 | Reviewed-by: Sergey B Kirpichev <skirpichev@gmail.com> | |
3 | Bug-Debian: http://bugs.debian.org/726529 | |
4 | ||
5 | --- | |
6 | mod_rpaf-2.0.c | 6 ++++++ | |
7 | 1 file changed, 6 insertions(+) | |
8 | ||
9 | --- a/mod_rpaf-2.0.c | |
10 | +++ b/mod_rpaf-2.0.c | |
11 | @@ -72,6 +72,8 @@ | |
12 | #include "http_vhost.h" | |
13 | #include "apr_strings.h" | |
14 | ||
15 | +#include <arpa/inet.h> | |
16 | + | |
17 | module AP_MODULE_DECLARE_DATA rpaf_module; | |
18 | ||
19 | typedef struct { | |
20 | @@ -185,6 +187,10 @@ | |
21 | apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); | |
22 | r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]); | |
23 | r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); | |
24 | + apr_sockaddr_t *tmpsa; | |
25 | + int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); | |
26 | + if (ret == APR_SUCCESS) | |
27 | + memcpy(r->connection->remote_addr, tmpsa, sizeof(apr_sockaddr_t)); | |
28 | if (cfg->sethostname) { | |
29 | const char *hostvalue; | |
30 | if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) { |
0 | 030_ipv6.patch | |
1 | 010_multiple_proxies.patch | |
2 | 011_apache2.4.patch | |
3 | 012_Add-missing-header-for-inet_addr.patch |
0 | <IfModule rpaf_module> | |
1 | RPAFenable On | |
2 | ||
3 | # When enabled, take the incoming X-Host header and | |
4 | # update the virtualhost settings accordingly: | |
5 | RPAFsethostname On | |
6 | ||
7 | # Define which IP's are your frontend proxies that sends | |
8 | # the correct X-Forwarded-For headers: | |
9 | RPAFproxy_ips 127.0.0.1 ::1 | |
10 | ||
11 | # Change the header name to parse from the default | |
12 | # X-Forwarded-For to something of your choice: | |
13 | # RPAFheader X-Real-IP | |
14 | </IfModule> |
0 | LoadModule rpaf_module /usr/lib/apache2/modules/mod_rpaf.so |
0 | #!/usr/bin/make -f | |
1 | ||
2 | %: | |
3 | dh $@ --with apache2 | |
4 | ||
5 | override_dh_auto_clean: | |
6 | rm -rf .libs *.la *.lo | |
7 | ||
8 | override_dh_auto_build: | |
9 | LTFLAGS="--no-silent" apxs2 \ | |
10 | -S CFLAGS="$(CFLAGS) \ | |
11 | -D_LARGEFILE64_SOURCE \ | |
12 | $(CPPFLAGS)" -c -o mod_rpaf.so mod_rpaf-2.0.c | |
13 | ||
14 | override_dh_auto_test: | |
15 | ||
16 | override_dh_auto_install: | |
17 |
0 | 3.0 (quilt) |