Browse Source

[core] use con->dst_addr_buf instead of ip recalc

use con->dst_addr_buf over inet_ntop_cache_get_ip(srv, &(con->dst_addr))
personal/stbuehler/mod-csrf
Glenn Strauss 5 years ago
parent
commit
20ed025685
  1. 6
      src/mod_evasive.c
  2. 24
      src/mod_extforward.c
  3. 3
      src/mod_proxy.c
  4. 4
      src/mod_status.c
  5. 3
      src/mod_trigger_b4_dl.c

6
src/mod_evasive.c

@ -7,8 +7,6 @@
#include "plugin.h"
#include "inet_ntop_cache.h"
#include <stdlib.h>
#include <string.h>
@ -194,8 +192,8 @@ URIHANDLER_FUNC(mod_evasive_uri_handler) {
if (conns_by_ip > p->conf.max_conns) {
if (!p->conf.silent) {
log_error_write(srv, __FILE__, __LINE__, "ss",
inet_ntop_cache_get_ip(srv, &(con->dst_addr)),
log_error_write(srv, __FILE__, __LINE__, "bs",
con->dst_addr_buf,
"turned away. Too many connections.");
}

24
src/mod_extforward.c

@ -366,16 +366,8 @@ static void clean_cond_cache(server *srv, connection *con) {
URIHANDLER_FUNC(mod_extforward_uri_handler) {
plugin_data *p = p_d;
data_string *forwarded = NULL;
#ifdef HAVE_IPV6
char b2[INET6_ADDRSTRLEN + 1];
#endif
const char *dst_addr_str = NULL;
array *forward_array = NULL;
const char *real_remote_addr = NULL;
#ifdef HAVE_IPV6
#endif
if (!con->request.headers) return HANDLER_GO_ON;
mod_extforward_patch_connection(srv, con, p);
@ -405,21 +397,11 @@ URIHANDLER_FUNC(mod_extforward_uri_handler) {
return HANDLER_GO_ON;
}
#ifdef HAVE_IPV6
dst_addr_str = inet_ntop(con->dst_addr.plain.sa_family,
con->dst_addr.plain.sa_family == AF_INET6 ?
(struct sockaddr *)&(con->dst_addr.ipv6.sin6_addr) :
(struct sockaddr *)&(con->dst_addr.ipv4.sin_addr),
b2, (sizeof b2) - 1);
#else
dst_addr_str = inet_ntoa(con->dst_addr.ipv4.sin_addr);
#endif
/* if the remote ip itself is not trusted, then do nothing */
if (IP_UNTRUSTED == is_proxy_trusted(dst_addr_str, p)) {
if (IP_UNTRUSTED == is_proxy_trusted(con->dst_addr_buf->ptr, p)) {
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "sss",
"remote address", dst_addr_str, "is NOT a trusted proxy, skipping");
log_error_write(srv, __FILE__, __LINE__, "sbs",
"remote address", con->dst_addr_buf, "is NOT a trusted proxy, skipping");
}
return HANDLER_GO_ON;

3
src/mod_proxy.c

@ -13,7 +13,6 @@
#include "plugin.h"
#include "inet_ntop_cache.h"
#include "crc32.h"
#include <sys/types.h>
@ -656,7 +655,7 @@ static int proxy_create_env(server *srv, handler_ctx *hctx) {
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
}
proxy_append_header(con, "X-Forwarded-For", (char *)inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
proxy_append_header(con, "X-Forwarded-For", con->dst_addr_buf->ptr);
/* http_host is NOT is just a pointer to a buffer
* which is NULL if it is not set */
if (!buffer_string_is_empty(con->request.http_host)) {

4
src/mod_status.c

@ -8,8 +8,6 @@
#include "plugin.h"
#include "inet_ntop_cache.h"
#include <sys/types.h>
#include <fcntl.h>
@ -516,7 +514,7 @@ static handler_t mod_status_handle_server_status_html(server *srv, connection *c
buffer_append_string_len(b, CONST_STR_LEN("<tr><td class=\"string\">"));
buffer_append_string(b, inet_ntop_cache_get_ip(srv, &(c->dst_addr)));
buffer_append_string_buffer(b, c->dst_addr_buf);
buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"int\">"));

3
src/mod_trigger_b4_dl.c

@ -6,7 +6,6 @@
#include "plugin.h"
#include "response.h"
#include "inet_ntop_cache.h"
#include <stdlib.h>
#include <string.h>
@ -361,7 +360,7 @@ URIHANDLER_FUNC(mod_trigger_b4_dl_uri_handler) {
/* memcache can't handle spaces */
} else {
remote_ip = inet_ntop_cache_get_ip(srv, &(con->dst_addr));
remote_ip = con->dst_addr_buf->ptr;
}
if (p->conf.debug) {

Loading…
Cancel
Save