www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

Further clarify the naming of the entity that directly connects to us by

Browse Source 
calling that entity a client instead of a peer.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1214015 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Graham Leggett
2011-12-14 01:10:52 +00:00
parent 8cea5c4275
commit cb21a0dbcc
16 changed files with 75 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/manual/developer/new_api_2_4.xml
View File

@@ -153,9 +153,9 @@
<li>Modules that load other modules later than the EXEC_ON_READ config <li>Modules that load other modules later than the EXEC_ON_READ config
reading stage need to call ap_reserve_module_slots() or reading stage need to call ap_reserve_module_slots() or
ap_reserve_module_slots_directive() in their pre_config hook.</li> ap_reserve_module_slots_directive() in their pre_config hook.</li>
<li>The client IP address per request can now be specified independently <li>The useragent IP address per request can now be specified
of the peer IP address of the connection for the benefit of load independently of the client IP address of the connection for
balancers</li> the benefit of load balancers</li>
</ul> </ul>
</section> </section>
@@ -459,8 +459,8 @@
<dd>This has been renamed to ap_unixd_config.</dd> <dd>This has been renamed to ap_unixd_config.</dd>
<dt><code>conn_rec->remote_ip and conn_rec->remote_addr</code></dt> <dt><code>conn_rec->remote_ip and conn_rec->remote_addr</code></dt>
<dd>In order to distinguish between the peer IP address of the <dd>In order to distinguish between the client IP address of the
connection, and the client IP address of the request potentially connection, and the useragent IP address of the request potentially
overridden by a load balancer or proxy, the above variables have overridden by a load balancer or proxy, the above variables have
been renamed. If a module makes reference to either of the above been renamed. If a module makes reference to either of the above
variables, they need to be replaced with one of the following two variables, they need to be replaced with one of the following two
@@ -471,10 +471,10 @@
separated from the server by a transparent load balancer or separated from the server by a transparent load balancer or
proxy, use request_rec->useragent_ip and proxy, use request_rec->useragent_ip and
request_rec->useragent_addr.</li> request_rec->useragent_addr.</li>
<li>When you require the IP address of the peer that is <li>When you require the IP address of the client that is
connected directly to the server, which might be the client or connected directly to the server, which might be the useragent or
might be the load balancer or proxy itself, use might be the load balancer or proxy itself, use
conn_rec->peer_ip and conn_rec->peer_addr.</li> conn_rec->client_ip and conn_rec->client_addr.</li>
</ul> </ul>
</dd> </dd>
</dl> </dl>

53
docs/manual/mod/mod_remoteip.xml
View File

@@ -23,8 +23,8 @@
<modulesynopsis metafile="mod_remoteip.xml.meta"> <modulesynopsis metafile="mod_remoteip.xml.meta">
<name>mod_remoteip</name> <name>mod_remoteip</name>
<description>Replaces the original peer IP address for the connection <description>Replaces the original client IP address for the connection
with the client IP address list presented by a proxies or a load balancer with the useragent IP address list presented by a proxies or a load balancer
via the request headers. via the request headers.
</description> </description>
@@ -33,26 +33,27 @@ via the request headers.
<identifier>remoteip_module</identifier> <identifier>remoteip_module</identifier>
<summary> <summary>
<p>This module is used to treat the client which initiated the <p>This module is used to treat the useragent which initiated the
request as the originating client as identified by httpd for the request as the originating useragent as identified by httpd for the
purposes of authorization and logging, even where that client is purposes of authorization and logging, even where that useragent is
behind a load balancer, front end server, or proxy server.</p> behind a load balancer, front end server, or proxy server.</p>
<p>The module overrides the peer IP address for the connection <p>The module overrides the client IP address for the connection
with the client IP address reported in the request header configured with the useragent IP address reported in the request header configured
with the <directive>RemoteIPHeader</directive> directive.</p> with the <directive>RemoteIPHeader</directive> directive.</p>
<p>Once replaced as instructed, this overridden client IP address is <p>Once replaced as instructed, this overridden useragent IP address is
then used for the <module>mod_authz_host</module> then used for the <module>mod_authz_host</module>
<directive module="mod_authz_host" type="section">Require ip</directive> <directive module="mod_authz_host" type="section">Require ip</directive>
feature, is reported by <module>mod_status</module>, and is recorded by feature, is reported by <module>mod_status</module>, and is recorded by
<module>mod_log_config</module> <code>%a</code> and <module>core</module> <module>mod_log_config</module> <code>%a</code> and <module>core</module>
<code>%a</code> format strings. The underlying peer IP of the connection <code>%a</code> format strings. The underlying client IP of the connection
is available in the <code>%{c}a</code> format string.</p> is available in the <code>%{c}a</code> format string.</p>
<note type="warning">It is critical to only enable this behavior from <note type="warning">It is critical to only enable this behavior from
intermediate hosts (proxies, etc) which are trusted by this server, since intermediate hosts (proxies, etc) which are trusted by this server, since
it is trivial for the remote client to impersonate another client.</note> it is trivial for the remote useragent to impersonate another
useragent.</note>
</summary> </summary>
<seealso><module>mod_authz_host</module></seealso> <seealso><module>mod_authz_host</module></seealso>
@@ -61,22 +62,22 @@ via the request headers.
<section id="processing"><title>Remote IP Processing</title> <section id="processing"><title>Remote IP Processing</title>
<p>Apache by default identifies the client with the connection's <p>Apache by default identifies the useragent with the connection's
peer_ip value, and the connection remote_host and remote_logname are client_ip value, and the connection remote_host and remote_logname are
derived from this value. These fields play a role in authentication, derived from this value. These fields play a role in authentication,
authorization and logging and other purposes by other loadable authorization and logging and other purposes by other loadable
modules.</p> modules.</p>
<p>mod_remoteip overrides the peer IP of the connection with the <p>mod_remoteip overrides the client IP of the connection with the
advertised client IP as provided by a proxy or load balancer, for advertised useragent IP as provided by a proxy or load balancer, for
the duration of the request. A load balancer might establish a long the duration of the request. A load balancer might establish a long
lived keepalive connection with the server, and each request will lived keepalive connection with the server, and each request will
have the correct client IP, even though the underlying peer IP have the correct useragent IP, even though the underlying client IP
address of the load balancer remains unchanged.</p> address of the load balancer remains unchanged.</p>
<p>When multiple, comma delimited client IP addresses are listed in the <p>When multiple, comma delimited useragent IP addresses are listed in the
header value, they are processed in Right-to-Left order. Processing header value, they are processed in Right-to-Left order. Processing
halts when a given client IP address is not trusted to present the halts when a given useragent IP address is not trusted to present the
preceding IP address. The header field is updated to this remaining preceding IP address. The header field is updated to this remaining
list of unconfirmed IP addresses, or if all IP addresses were trusted, list of unconfirmed IP addresses, or if all IP addresses were trusted,
this header is removed from the request altogether.</p> this header is removed from the request altogether.</p>
@@ -102,15 +103,15 @@ via the request headers.
<directivesynopsis> <directivesynopsis>
<name>RemoteIPHeader</name> <name>RemoteIPHeader</name>
<description>Declare the header field which should be parsed for client IP addresses</description> <description>Declare the header field which should be parsed for useragent IP addresses</description>
<syntax>RemoteIPHeader <var>header-field</var></syntax> <syntax>RemoteIPHeader <var>header-field</var></syntax>
<contextlist><context>server config</context><context>virtual host</context></contextlist> <contextlist><context>server config</context><context>virtual host</context></contextlist>
<usage> <usage>
<p>The <directive>RemoteIPHeader</directive> directive triggers <p>The <directive>RemoteIPHeader</directive> directive triggers
<module>mod_remoteip</module> to treat the value of the specified <module>mod_remoteip</module> to treat the value of the specified
<var>header-field</var> header as the client IP address, or list <var>header-field</var> header as the useragent IP address, or list
of intermediate client IP addresses, subject to further configuration of intermediate useragent IP addresses, subject to further configuration
of the <directive>RemoteIPInternalProxy</directive> and of the <directive>RemoteIPInternalProxy</directive> and
<directive>RemoteIPTrustedProxy</directive> directives. Unless these <directive>RemoteIPTrustedProxy</directive> directives. Unless these
other directives are used, <module>mod_remoteip</module> will trust all other directives are used, <module>mod_remoteip</module> will trust all
@@ -135,7 +136,7 @@ via the request headers.
<usage> <usage>
<p>The <directive>RemoteIPInternalProxy</directive> directive adds one <p>The <directive>RemoteIPInternalProxy</directive> directive adds one
or more addresses (or address blocks) to trust as presenting a valid or more addresses (or address blocks) to trust as presenting a valid
RemoteIPHeader value of the client IP. Unlike the RemoteIPHeader value of the useragent IP. Unlike the
<directive>RemoteIPTrustedProxy</directive> directive, any IP address <directive>RemoteIPTrustedProxy</directive> directive, any IP address
presented in this header, including private intranet addresses, are presented in this header, including private intranet addresses, are
trusted when passed from these proxies.</p> trusted when passed from these proxies.</p>
@@ -157,7 +158,7 @@ via the request headers.
<usage> <usage>
<p>The <directive>RemoteIPInternalProxyList</directive> directive specifies <p>The <directive>RemoteIPInternalProxyList</directive> directive specifies
a file parsed at startup, and builds a list of addresses (or address blocks) a file parsed at startup, and builds a list of addresses (or address blocks)
to trust as presenting a valid RemoteIPHeader value of the client IP.</p> to trust as presenting a valid RemoteIPHeader value of the useragent IP.</p>
<p>The '<code>#</code>' hash character designates a comment line, otherwise <p>The '<code>#</code>' hash character designates a comment line, otherwise
each whitespace or newline separated entry is processed identically to each whitespace or newline separated entry is processed identically to
@@ -185,7 +186,7 @@ via the request headers.
<usage> <usage>
<p>The <directive>RemoteIPProxiesHeader</directive> directive specifies <p>The <directive>RemoteIPProxiesHeader</directive> directive specifies
a header into which <module>mod_remoteip</module> will collect a list of a header into which <module>mod_remoteip</module> will collect a list of
all of the intermediate client IP addresses trusted to resolve the client all of the intermediate client IP addresses trusted to resolve the useragent
IP of the request. Note that intermediate IP of the request. Note that intermediate
<directive>RemoteIPTrustedProxy</directive> addresses are recorded in <directive>RemoteIPTrustedProxy</directive> addresses are recorded in
this header, while any intermediate this header, while any intermediate
@@ -207,11 +208,11 @@ via the request headers.
<usage> <usage>
<p>The <directive>RemoteIPTrustedProxy</directive> directive adds one <p>The <directive>RemoteIPTrustedProxy</directive> directive adds one
or more addresses (or address blocks) to trust as presenting a valid or more addresses (or address blocks) to trust as presenting a valid
RemoteIPHeader value of the client IP. Unlike the RemoteIPHeader value of the useragent IP. Unlike the
<directive>RemoteIPInternalProxy</directive> directive, any intranet <directive>RemoteIPInternalProxy</directive> directive, any intranet
or private IP address reported by such proxies, including the 10/8, 172.16/12, or private IP address reported by such proxies, including the 10/8, 172.16/12,
192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public 192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public
2000::/3 block) are not trusted as the client IP, and are left in the 2000::/3 block) are not trusted as the useragent IP, and are left in the
<directive>RemoteIPHeader</directive> header's value.</p> <directive>RemoteIPHeader</directive> header's value.</p>
<example><title>Trusted (Load Balancer) Example</title> <example><title>Trusted (Load Balancer) Example</title>
@@ -231,7 +232,7 @@ via the request headers.
<usage> <usage>
<p>The <directive>RemoteIPTrustedProxyList</directive> directive specifies <p>The <directive>RemoteIPTrustedProxyList</directive> directive specifies
a file parsed at startup, and builds a list of addresses (or address blocks) a file parsed at startup, and builds a list of addresses (or address blocks)
to trust as presenting a valid RemoteIPHeader value of the client IP.</p> to trust as presenting a valid RemoteIPHeader value of the useragent IP.</p>
<p>The '<code>#</code>' hash character designates a comment line, otherwise <p>The '<code>#</code>' hash character designates a comment line, otherwise
each whitespace or newline seperated entry is processed identically to each whitespace or newline seperated entry is processed identically to

4
include/httpd.h
View File

@@ -1053,10 +1053,10 @@ struct conn_rec {
/** local address */ /** local address */
apr_sockaddr_t *local_addr; apr_sockaddr_t *local_addr;
/** remote address */ /** remote address */
apr_sockaddr_t *peer_addr; apr_sockaddr_t *client_addr;
/** Client's IP address */ /** Client's IP address */
char *peer_ip; char *client_ip;
/** Client's DNS name, if known. NULL if DNS hasn't been checked, /** Client's DNS name, if known. NULL if DNS hasn't been checked,
* "" if it has and no address was found. N.B. Only access this though * "" if it has and no address was found. N.B. Only access this though
* get_remote_host() */ * get_remote_host() */

2
modules/cluster/mod_heartmonitor.c
View File

@@ -761,7 +761,7 @@ static int hm_handler(request_rec *r)
buf[len] = '\0'; buf[len] = '\0';
tbl = apr_table_make(r->pool, 10); tbl = apr_table_make(r->pool, 10);
qs_to_table(buf, tbl, r->pool); qs_to_table(buf, tbl, r->pool);
apr_sockaddr_ip_get(&ip, r->connection->peer_addr); apr_sockaddr_ip_get(&ip, r->connection->client_addr);
hmserver.ip = ip; hmserver.ip = ip;
hmserver.port = 80; hmserver.port = 80;
if (apr_table_get(tbl, "port") != NULL) if (apr_table_get(tbl, "port") != NULL)

6
modules/echo/mod_echo.c
View File

@@ -154,7 +154,7 @@ static int process_echo_connection(conn_rec *c)
if (!APR_STATUS_IS_EOF(rv) && ! APR_STATUS_IS_TIMEUP(rv)) if (!APR_STATUS_IS_EOF(rv) && ! APR_STATUS_IS_TIMEUP(rv))
ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01611) ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01611)
"ProtocolEcho: Failure reading from %s", "ProtocolEcho: Failure reading from %s",
c->peer_ip); c->client_ip);
break; break;
} }
@@ -163,7 +163,7 @@ static int process_echo_connection(conn_rec *c)
apr_brigade_cleanup(bb); apr_brigade_cleanup(bb);
ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01612) ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01612)
"ProtocolEcho: Error - read empty brigade from %s!", "ProtocolEcho: Error - read empty brigade from %s!",
c->peer_ip); c->client_ip);
break; break;
} }
@@ -181,7 +181,7 @@ static int process_echo_connection(conn_rec *c)
if (rv != APR_SUCCESS) { if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01613) ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, APLOGNO(01613)
"ProtocolEcho: Failure writing to %s", "ProtocolEcho: Failure writing to %s",
c->peer_ip); c->client_ip);
break; break;
} }
apr_brigade_cleanup(bb); apr_brigade_cleanup(bb);

4
modules/experimental/mod_noloris.c
View File

@@ -67,11 +67,11 @@ static int noloris_conn(conn_rec *conn)
/* check the IP is not banned */ /* check the IP is not banned */
shm_rec = apr_shm_baseaddr_get(shm); shm_rec = apr_shm_baseaddr_get(shm);
while (shm_rec[0] != '\0') { while (shm_rec[0] != '\0') {
if (!strcmp(shm_rec, conn->peer_ip)) { if (!strcmp(shm_rec, conn->client_ip)) {
apr_socket_t *csd = ap_get_conn_socket(conn); apr_socket_t *csd = ap_get_conn_socket(conn);
ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn, APLOGNO(02059) ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn, APLOGNO(02059)
"Dropping connection from banned IP %s", "Dropping connection from banned IP %s",
conn->peer_ip); conn->client_ip);
apr_socket_close(csd); apr_socket_close(csd);
return DONE; return DONE;

2
modules/loggers/mod_log_config.c
View File

@@ -311,7 +311,7 @@ static const char *log_remote_host(request_rec *r, char *a)
static const char *log_remote_address(request_rec *r, char *a) static const char *log_remote_address(request_rec *r, char *a)
{ {
if (a && !strcmp(a, "c")) { if (a && !strcmp(a, "c")) {
return r->connection->peer_ip; return r->connection->client_ip;
} }
else { else {
return r->useragent_ip; return r->useragent_ip;

2
modules/lua/lua_request.c
View File

@@ -743,7 +743,7 @@ AP_LUA_DECLARE(void) ap_lua_push_connection(lua_State *L, conn_rec *c)
ap_lua_push_apr_table(L, c->notes); ap_lua_push_apr_table(L, c->notes);
lua_setfield(L, -2, "notes"); lua_setfield(L, -2, "notes");
lua_pushstring(L, c->peer_ip); lua_pushstring(L, c->client_ip);
lua_setfield(L, -2, "remote_ip"); lua_setfield(L, -2, "remote_ip");
lua_pop(L, 1); lua_pop(L, 1);

6
modules/metadata/mod_ident.c
View File

@@ -101,14 +101,14 @@ static apr_status_t rfc1413_connect(apr_socket_t **newsock, conn_rec *conn,
return rv; return rv;
} }
if ((rv = apr_sockaddr_info_get(&destsa, conn->peer_ip, if ((rv = apr_sockaddr_info_get(&destsa, conn->client_ip,
localsa->family, /* has to match */ localsa->family, /* has to match */
RFC1413_PORT, 0, conn->pool)) != APR_SUCCESS) { RFC1413_PORT, 0, conn->pool)) != APR_SUCCESS) {
/* This should not fail since we have a numeric address string /* This should not fail since we have a numeric address string
* as the host. */ * as the host. */
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, srv, APLOGNO(01493) ap_log_error(APLOG_MARK, APLOG_CRIT, rv, srv, APLOGNO(01493)
"rfc1413: apr_sockaddr_info_get(%s) failed", "rfc1413: apr_sockaddr_info_get(%s) failed",
conn->peer_ip); conn->client_ip);
return rv; return rv;
} }
@@ -167,7 +167,7 @@ static apr_status_t rfc1413_query(apr_socket_t *sock, conn_rec *conn,
apr_size_t buflen; apr_size_t buflen;
sav_our_port = conn->local_addr->port; sav_our_port = conn->local_addr->port;
sav_rmt_port = conn->peer_addr->port; sav_rmt_port = conn->client_addr->port;
/* send the data */ /* send the data */
buflen = apr_snprintf(buffer, sizeof(buffer), "%hu,%hu\r\n", sav_rmt_port, buflen = apr_snprintf(buffer, sizeof(buffer), "%hu,%hu\r\n", sav_rmt_port,

12
modules/metadata/mod_remoteip.c
View File

@@ -243,18 +243,18 @@ static int remoteip_modify_request(request_rec *r)
} }
remote = apr_pstrdup(r->pool, remote); remote = apr_pstrdup(r->pool, remote);
temp_sa = c->peer_addr; temp_sa = c->client_addr;
while (remote) { while (remote) {
/* verify c->peer_addr is trusted if there is a trusted proxy list /* verify c->client_addr is trusted if there is a trusted proxy list
*/ */
if (config->proxymatch_ip) { if (config->proxymatch_ip) {
int i; int i;
remoteip_proxymatch_t *match; remoteip_proxymatch_t *match;
match = (remoteip_proxymatch_t *)config->proxymatch_ip->elts; match = (remoteip_proxymatch_t *)config->proxymatch_ip->elts;
for (i = 0; i < config->proxymatch_ip->nelts; ++i) { for (i = 0; i < config->proxymatch_ip->nelts; ++i) {
if (apr_ipsubnet_test(match[i].ip, c->peer_addr)) { if (apr_ipsubnet_test(match[i].ip, c->client_addr)) {
internal = match[i].internal; internal = match[i].internal;
break; break;
} }
@@ -356,14 +356,14 @@ static int remoteip_modify_request(request_rec *r)
req = (remoteip_req_t *) apr_palloc(r->pool, sizeof(remoteip_req_t)); req = (remoteip_req_t *) apr_palloc(r->pool, sizeof(remoteip_req_t));
} }
/* Set peer_ip string */ /* Set useragent_ip string */
if (!internal) { if (!internal) {
if (proxy_ips) { if (proxy_ips) {
proxy_ips = apr_pstrcat(r->pool, proxy_ips, ", ", proxy_ips = apr_pstrcat(r->pool, proxy_ips, ", ",
c->peer_ip, NULL); c->client_ip, NULL);
} }
else { else {
proxy_ips = c->peer_ip; proxy_ips = c->client_ip;
} }
} }

14
modules/proxy/mod_proxy_http.c
View File

@@ -532,7 +532,7 @@ static int stream_reqbody_cl(apr_pool_t *p,
if (bytes_streamed != cl_val) { if (bytes_streamed != cl_val) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01087) ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01087)
"client %s given Content-Length did not match" "client %s given Content-Length did not match"
" number of body bytes read", r->connection->peer_ip); " number of body bytes read", r->connection->client_ip);
return HTTP_BAD_REQUEST; return HTTP_BAD_REQUEST;
} }
@@ -1052,7 +1052,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r,
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01094) ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01094)
"client %s (%s) requested Transfer-Encoding " "client %s (%s) requested Transfer-Encoding "
"chunked body with Content-Length (C-L ignored)", "chunked body with Content-Length (C-L ignored)",
c->peer_ip, c->remote_host ? c->remote_host: ""); c->client_ip, c->remote_host ? c->remote_host: "");
apr_table_unset(r->headers_in, "Content-Length"); apr_table_unset(r->headers_in, "Content-Length");
old_cl_val = NULL; old_cl_val = NULL;
origin->keepalive = AP_CONN_CLOSE; origin->keepalive = AP_CONN_CLOSE;
@@ -1077,7 +1077,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r,
"prefetch request body failed to %pI (%s)" "prefetch request body failed to %pI (%s)"
" from %s (%s)", " from %s (%s)",
p_conn->addr, p_conn->hostname ? p_conn->hostname: "", p_conn->addr, p_conn->hostname ? p_conn->hostname: "",
c->peer_ip, c->remote_host ? c->remote_host: ""); c->client_ip, c->remote_host ? c->remote_host: "");
return HTTP_BAD_REQUEST; return HTTP_BAD_REQUEST;
} }
@@ -1099,7 +1099,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r,
"processing prefetched request body failed" "processing prefetched request body failed"
" to %pI (%s) from %s (%s)", " to %pI (%s) from %s (%s)",
p_conn->addr, p_conn->hostname ? p_conn->hostname: "", p_conn->addr, p_conn->hostname ? p_conn->hostname: "",
c->peer_ip, c->remote_host ? c->remote_host: ""); c->client_ip, c->remote_host ? c->remote_host: "");
return HTTP_INTERNAL_SERVER_ERROR; return HTTP_INTERNAL_SERVER_ERROR;
} }
@@ -1238,7 +1238,7 @@ skip_body:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01097) ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01097)
"pass request body failed to %pI (%s) from %s (%s)", "pass request body failed to %pI (%s) from %s (%s)",
p_conn->addr, p_conn->hostname ? p_conn->hostname: "", p_conn->addr, p_conn->hostname ? p_conn->hostname: "",
c->peer_ip, c->remote_host ? c->remote_host: ""); c->client_ip, c->remote_host ? c->remote_host: "");
return rv; return rv;
} }
@@ -1295,8 +1295,8 @@ static request_rec *make_fake_req(conn_rec *c, request_rec *r)
rp->input_filters = c->input_filters; rp->input_filters = c->input_filters;
rp->proto_output_filters = c->output_filters; rp->proto_output_filters = c->output_filters;
rp->proto_input_filters = c->input_filters; rp->proto_input_filters = c->input_filters;
rp->useragent_ip = c->peer_ip; rp->useragent_ip = c->client_ip;
rp->useragent_addr = c->peer_addr; rp->useragent_addr = c->client_addr;
rp->request_config = ap_create_request_config(pool); rp->request_config = ap_create_request_config(pool);
proxy_run_create_req(r, rp); proxy_run_create_req(r, rp);

10
server/core.c
View File

@@ -829,7 +829,7 @@ static APR_INLINE void do_double_reverse (conn_rec *conn)
rv = apr_sockaddr_info_get(&sa, conn->remote_host, APR_UNSPEC, 0, 0, conn->pool); rv = apr_sockaddr_info_get(&sa, conn->remote_host, APR_UNSPEC, 0, 0, conn->pool);
if (rv == APR_SUCCESS) { if (rv == APR_SUCCESS) {
while (sa) { while (sa) {
if (apr_sockaddr_equal(sa, conn->peer_addr)) { if (apr_sockaddr_equal(sa, conn->client_addr)) {
conn->double_reverse = 1; conn->double_reverse = 1;
return; return;
} }
@@ -871,7 +871,7 @@ AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config,
&& (type == REMOTE_DOUBLE_REV && (type == REMOTE_DOUBLE_REV
|| hostname_lookups != HOSTNAME_LOOKUP_OFF)) { || hostname_lookups != HOSTNAME_LOOKUP_OFF)) {
if (apr_getnameinfo(&conn->remote_host, conn->peer_addr, 0) if (apr_getnameinfo(&conn->remote_host, conn->client_addr, 0)
== APR_SUCCESS) { == APR_SUCCESS) {
ap_str_tolower(conn->remote_host); ap_str_tolower(conn->remote_host);
@@ -910,7 +910,7 @@ AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config,
} }
else { else {
*str_is_ip = 1; *str_is_ip = 1;
return conn->peer_ip; return conn->client_ip;
} }
} }
} }
@@ -4497,7 +4497,7 @@ static conn_rec *core_create_conn(apr_pool_t *ptrans, server_rec *server,
} }
apr_sockaddr_ip_get(&c->local_ip, c->local_addr); apr_sockaddr_ip_get(&c->local_ip, c->local_addr);
if ((rv = apr_socket_addr_get(&c->peer_addr, APR_REMOTE, csd)) if ((rv = apr_socket_addr_get(&c->client_addr, APR_REMOTE, csd))
!= APR_SUCCESS) { != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, APLOGNO(00138) ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, APLOGNO(00138)
"apr_socket_addr_get(APR_REMOTE)"); "apr_socket_addr_get(APR_REMOTE)");
@@ -4505,7 +4505,7 @@ static conn_rec *core_create_conn(apr_pool_t *ptrans, server_rec *server,
return NULL; return NULL;
} }
apr_sockaddr_ip_get(&c->peer_ip, c->peer_addr); apr_sockaddr_ip_get(&c->client_ip, c->client_addr);
c->base_server = server; c->base_server = server;
c->id = id; c->id = id;

8
server/log.c
View File

@@ -565,8 +565,8 @@ static int log_remote_address(const ap_errorlog_info *info, const char *arg,
return apr_snprintf(buf, buflen, "%s:%d", info->r->useragent_ip, return apr_snprintf(buf, buflen, "%s:%d", info->r->useragent_ip,
info->r->useragent_addr->port); info->r->useragent_addr->port);
else if (info->c) else if (info->c)
return apr_snprintf(buf, buflen, "%s:%d", info->c->peer_ip, return apr_snprintf(buf, buflen, "%s:%d", info->c->client_ip,
info->c->peer_addr->port); info->c->client_addr->port);
else else
return 0; return 0;
} }
@@ -962,7 +962,7 @@ static int do_errorlog_default(const ap_errorlog_info *info, char *buf,
} }
/* /*
* useragent_ip/peer_ip can be client or backend server. If we have * useragent_ip/client_ip can be client or backend server. If we have
* a scoreboard handle, it is likely a client. * a scoreboard handle, it is likely a client.
*/ */
if (info->r) { if (info->r) {
@@ -973,7 +973,7 @@ static int do_errorlog_default(const ap_errorlog_info *info, char *buf,
else if (info->c) { else if (info->c) {
len += apr_snprintf(buf + len, buflen - len, len += apr_snprintf(buf + len, buflen - len,
info->c->sbh ? "[client %s:%d] " : "[remote %s:%d] ", info->c->sbh ? "[client %s:%d] " : "[remote %s:%d] ",
info->c->peer_ip, info->c->peer_addr->port); info->c->client_ip, info->c->client_addr->port);
} }
/* the actual error message */ /* the actual error message */

4
server/protocol.c
View File

@@ -976,8 +976,8 @@ request_rec *ap_read_request(conn_rec *conn)
*/ */
r->used_path_info = AP_REQ_DEFAULT_PATH_INFO; r->used_path_info = AP_REQ_DEFAULT_PATH_INFO;
r->useragent_addr = conn->peer_addr; r->useragent_addr = conn->client_addr;
r->useragent_ip = conn->peer_ip; r->useragent_ip = conn->client_ip;
tmp_bb = apr_brigade_create(r->pool, r->connection->bucket_alloc); tmp_bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);

4
server/util_expr_eval.c
View File

@@ -1208,7 +1208,7 @@ static const char *conn_var_fn(ap_expr_eval_ctx_t *ctx, const void *data)
case 1: case 1:
#if APR_HAVE_IPV6 #if APR_HAVE_IPV6
{ {
apr_sockaddr_t *addr = c->peer_addr; apr_sockaddr_t *addr = c->client_addr;
if (addr->family == AF_INET6 if (addr->family == AF_INET6
&& !IN6_IS_ADDR_V4MAPPED((struct in6_addr *)addr->ipaddr_ptr)) && !IN6_IS_ADDR_V4MAPPED((struct in6_addr *)addr->ipaddr_ptr))
return "on"; return "on";
@@ -1221,7 +1221,7 @@ static const char *conn_var_fn(ap_expr_eval_ctx_t *ctx, const void *data)
case 2: case 2:
return c->log_id; return c->log_id;
case 3: case 3:
return c->peer_ip; return c->client_ip;
default: default:
ap_assert(0); ap_assert(0);
return NULL; return NULL;

2
server/util_script.c
View File

@@ -243,7 +243,7 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
apr_table_addn(e, "SERVER_ADMIN", s->server_admin); /* Apache */ apr_table_addn(e, "SERVER_ADMIN", s->server_admin); /* Apache */
apr_table_addn(e, "SCRIPT_FILENAME", r->filename); /* Apache */ apr_table_addn(e, "SCRIPT_FILENAME", r->filename); /* Apache */
rport = c->peer_addr->port; rport = c->client_addr->port;
apr_table_addn(e, "REMOTE_PORT", apr_itoa(r->pool, rport)); apr_table_addn(e, "REMOTE_PORT", apr_itoa(r->pool, rport));
if (r->user) { if (r->user) {