httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 54651] mod_remoteip ends up trusting IPs that it doesn't check
Date Mon, 06 Jan 2014 16:30:50 GMT

--- Comment #2 from Mike Rumph <> ---
Created attachment 31174
Patch to use correct IP address for trusted proxy comparison.

Worked the patch in the bug description as an attachment.
This patch is an essential fix for mod_remoteip to function properly.
This fix should be receiving some attention.

Without this fix the remoteip_modify_request() function in mod_remoteip.c will
not be using the correct IP address for comparison against the trusted proxy
list when the RemoteIPHeader header value is a list.
The first pass of the while will work correctly,
but the subsequent passes will not.

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message