httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: svn commit: r1729901 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_core.h include/httpd.h server/core.c
Date Fri, 12 Feb 2016 00:20:02 GMT
I fixed two minor compilation failures, but one type of failure remains:

.../server/core.c: In function 'ap_get_remote_host':
.../server/core.c:959:17: error: cannot take address of bit-field 
'double_reverse'
                  do_double_reverse(&conn->double_reverse, 
conn->remote_host,
                  ^
.../server/core.c:974:9: error: cannot take address of bit-field 
'double_reverse'
          do_double_reverse(&conn->double_reverse, conn->remote_host,
          ^

Regards,

Rainer

Am 11.02.2016 um 22:58 schrieb wrowe@apache.org:
> Author: wrowe
> Date: Thu Feb 11 21:58:45 2016
> New Revision: 1729901
>
> URL: http://svn.apache.org/viewvc?rev=1729901&view=rev
> Log:
> Introduce an ap_get_useragent_host() accessor to replace the old
> ap_get_remote_host() in most applications, but preserve the original
> behavior for all ap_get_remote_host() consumers (mostly, because we
> don't have the request_rec in the first place, and also to avoid any
> unintended consequences).
>
> This accessor continues to store the remote_host of connection based
> uesr agents within the conn_rec for optimization.  Only where some
> other module modifies the useragent_addr will we perform a per-request
> query of the remote_host.
>
> (Committed previously, but backed out due to unrelated core.c changes)
>
> Modified:
>      httpd/httpd/trunk/CHANGES
>      httpd/httpd/trunk/include/ap_mmn.h
>      httpd/httpd/trunk/include/http_core.h
>      httpd/httpd/trunk/include/httpd.h
>      httpd/httpd/trunk/server/core.c
>
> Modified: httpd/httpd/trunk/CHANGES
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1729901&r1=1729900&r2=1729901&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
> +++ httpd/httpd/trunk/CHANGES [utf-8] Thu Feb 11 21:58:45 2016
> @@ -1,6 +1,11 @@
>                                                            -*- coding: utf-8 -*-
>   Changes with Apache 2.5.0
>
> +  *) core: Track the useragent_host per-request when mod_remoteip or similar
> +     modules track a per-request useragent_ip.  Modules should be updated
> +     to inquire for ap_get_useragent_host() in place of ap_get_remote_host().
> +     [William Rowe]
> +
>     *) mod_proxy: Play/restore the TLS-SNI on new backend connections which
>        had to be issued because the remote closed the previous/reusable one
>        during idle (keep-alive) time.  [Yann Ylavic]
>
> Modified: httpd/httpd/trunk/include/ap_mmn.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=1729901&r1=1729900&r2=1729901&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/include/ap_mmn.h (original)
> +++ httpd/httpd/trunk/include/ap_mmn.h Thu Feb 11 21:58:45 2016
> @@ -500,6 +500,8 @@
>    * 20150222.9 (2.5.0-dev)  Add epxr_hander to core_dir_config.
>    * 20150222.10 (2.5.0-dev) Add new ap_update_child_status...() methods,
>    *                         add protocol to worker_score in scoreboard.h
> + * 20150222.11 (2.5.0-dev) Split useragent_host from the conn_rec into
> + *                         the request_rec, with ap_get_useragent_host()
>    */
>
>   #define MODULE_MAGIC_COOKIE 0x41503235UL /* "AP25" */
> @@ -507,7 +509,7 @@
>   #ifndef MODULE_MAGIC_NUMBER_MAJOR
>   #define MODULE_MAGIC_NUMBER_MAJOR 20150222
>   #endif
> -#define MODULE_MAGIC_NUMBER_MINOR 10                 /* 0...n */
> +#define MODULE_MAGIC_NUMBER_MINOR 11                 /* 0...n */
>
>   /**
>    * Determine if the server's current MODULE_MAGIC_NUMBER is at least a
>
> Modified: httpd/httpd/trunk/include/http_core.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/http_core.h?rev=1729901&r1=1729900&r2=1729901&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/include/http_core.h (original)
> +++ httpd/httpd/trunk/include/http_core.h Thu Feb 11 21:58:45 2016
> @@ -159,6 +159,32 @@ AP_DECLARE(int) ap_allow_overrides(reque
>   AP_DECLARE(const char *) ap_document_root(request_rec *r);
>
>   /**
> + * Lookup the remote user agent's DNS name or IP address
> + * @ingroup get_remote_hostname
> + * @param req The current request
> + * @param type The type of lookup to perform.  One of:
> + * <pre>
> + *     REMOTE_HOST returns the hostname, or NULL if the hostname
> + *                 lookup fails.  It will force a DNS lookup according to the
> + *                 HostnameLookups setting.
> + *     REMOTE_NAME returns the hostname, or the dotted quad if the
> + *                 hostname lookup fails.  It will force a DNS lookup according
> + *                 to the HostnameLookups setting.
> + *     REMOTE_NOLOOKUP is like REMOTE_NAME except that a DNS lookup is
> + *                     never forced.
> + *     REMOTE_DOUBLE_REV will always force a DNS lookup, and also force
> + *                   a double reverse lookup, regardless of the HostnameLookups
> + *                   setting.  The result is the (double reverse checked)
> + *                   hostname, or NULL if any of the lookups fail.
> + * </pre>
> + * @param str_is_ip unless NULL is passed, this will be set to non-zero on
> + *        output when an IP address string is returned
> + * @return The remote hostname (based on the request useragent_ip)
> + */
> +AP_DECLARE(const char *) ap_get_useragent_host(request_rec *req, int type,
> +                                               int *str_is_ip);
> +
> +/**
>    * Lookup the remote client's DNS name or IP address
>    * @ingroup get_remote_host
>    * @param conn The current connection
> @@ -180,7 +206,7 @@ AP_DECLARE(const char *) ap_document_roo
>    * </pre>
>    * @param str_is_ip unless NULL is passed, this will be set to non-zero on output when
an IP address
>    *        string is returned
> - * @return The remote hostname
> + * @return The remote hostname (based on the connection client_ip)
>    */
>   AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config, int type,
int *str_is_ip);
>
>
> Modified: httpd/httpd/trunk/include/httpd.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1729901&r1=1729900&r2=1729901&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/include/httpd.h (original)
> +++ httpd/httpd/trunk/include/httpd.h Thu Feb 11 21:58:45 2016
> @@ -1056,6 +1056,16 @@ struct request_rec {
>       apr_table_t *trailers_in;
>       /** MIME trailer environment from the response */
>       apr_table_t *trailers_out;
> +
> +    /** Originator's DNS name, if known.  NULL if DNS hasn't been checked,
> +     *  "" if it has and no address was found.  N.B. Only access this though
> +     *  ap_get_useragent_host() */
> +    char *useragent_host;
> +    /** have we done double-reverse DNS? -1 yes/failure, 0 not yet,
> +     *  1 yes/success
> +     *  TODO: 2 bit signed bitfield when this structure is compacted
> +     */
> +    int double_reverse;
>   };
>
>   /**
>
> Modified: httpd/httpd/trunk/server/core.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1729901&r1=1729900&r2=1729901&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/core.c (original)
> +++ httpd/httpd/trunk/server/core.c Thu Feb 11 21:58:45 2016
> @@ -887,27 +887,30 @@ char *ap_response_code_string(request_re
>
>
>   /* Code from Harald Hanche-Olsen <hanche@imf.unit.no> */
> -static APR_INLINE void do_double_reverse (conn_rec *conn)
> +static APR_INLINE void do_double_reverse (int *double_reverse,
> +                                          const char *remote_host,
> +                                          apr_sockaddr_t *client_addr,
> +                                          apr_pool_t *pool)
>   {
>       apr_sockaddr_t *sa;
>       apr_status_t rv;
>
> -    if (conn->double_reverse) {
> +    if (*double_reverse) {
>           /* already done */
>           return;
>       }
>
> -    if (conn->remote_host == NULL || conn->remote_host[0] == '\0') {
> +    if (remote_host == NULL || remote_host[0] == '\0') {
>           /* single reverse failed, so don't bother */
> -        conn->double_reverse = -1;
> +        *double_reverse = -1;
>           return;
>       }
>
> -    rv = apr_sockaddr_info_get(&sa, conn->remote_host, APR_UNSPEC, 0, 0, conn->pool);
> +    rv = apr_sockaddr_info_get(&sa, remote_host, APR_UNSPEC, 0, 0, pool);
>       if (rv == APR_SUCCESS) {
>           while (sa) {
> -            if (apr_sockaddr_equal(sa, conn->client_addr)) {
> -                conn->double_reverse = 1;
> +            if (apr_sockaddr_equal(sa, client_addr)) {
> +                *double_reverse = 1;
>                   return;
>               }
>
> @@ -915,7 +918,7 @@ static APR_INLINE void do_double_reverse
>           }
>       }
>
> -    conn->double_reverse = -1;
> +    *double_reverse = -1;
>   }
>
>   AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config,
> @@ -953,7 +956,8 @@ AP_DECLARE(const char *) ap_get_remote_h
>               ap_str_tolower(conn->remote_host);
>
>               if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) {
> -                do_double_reverse(conn);
> +                do_double_reverse(&conn->double_reverse, conn->remote_host,
> +                                  conn->client_addr, conn->pool)
>                   if (conn->double_reverse != 1) {
>                       conn->remote_host = NULL;
>                   }
> @@ -967,7 +971,8 @@ AP_DECLARE(const char *) ap_get_remote_h
>       }
>
>       if (type == REMOTE_DOUBLE_REV) {
> -        do_double_reverse(conn);
> +        do_double_reverse(&conn->double_reverse, conn->remote_host,
> +                          conn->client_addr, conn->pool)
>           if (conn->double_reverse == -1) {
>               return NULL;
>           }
> @@ -991,6 +996,80 @@ AP_DECLARE(const char *) ap_get_remote_h
>           }
>       }
>   }
> +
> +AP_DECLARE(const char *) ap_get_useragent_host(request_rec *r,
> +                                               int type, int *str_is_ip)
> +{
> +    conn_rec *conn = r->connection;
> +    int hostname_lookups;
> +    int ignored_str_is_ip;
> +
> +    if (req->useragent_addr == conn->client_addr) {
> +        return ap_get_remote_host(conn, r->per_dir_config, type, str_is_ip);
> +    }
> +
> +    if (!str_is_ip) { /* caller doesn't want to know */
> +        str_is_ip = &ignored_str_is_ip;
> +    }
> +    *str_is_ip = 0;
> +
> +    hostname_lookups = ((core_dir_config *)
> +                        ap_get_core_module_config(r->per_dir_config))
> +                            ->hostname_lookups;
> +    if (hostname_lookups == HOSTNAME_LOOKUP_UNSET) {
> +        hostname_lookups = HOSTNAME_LOOKUP_OFF;
> +    }
> +
> +    if (type != REMOTE_NOLOOKUP
> +        && r->useragent_host == NULL
> +        && (type == REMOTE_DOUBLE_REV
> +        || hostname_lookups != HOSTNAME_LOOKUP_OFF)) {
> +
> +        if (apr_getnameinfo(&r->useragent_host, r->useragent_addr, 0)
> +            == APR_SUCCESS) {
> +            ap_str_tolower(r->useragent_host);
> +
> +            if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) {
> +                do_double_reverse(&r->double_reverse, r->useragent_host,
> +                                  r->useragent_addr, r->pool)
> +                if (r->double_reverse != 1) {
> +                    r->useragent_host = NULL;
> +                }
> +            }
> +        }
> +
> +        /* if failed, set it to the NULL string to indicate error */
> +        if (r->useragent_host == NULL) {
> +            r->useragent_host = "";
> +        }
> +    }
> +
> +    if (type == REMOTE_DOUBLE_REV) {
> +        do_double_reverse(&r->double_reverse, r->useragent_host,
> +                          r->useragent_addr, r->pool)
> +        if (r->double_reverse == -1) {
> +            return NULL;
> +        }
> +    }
> +
> +    /*
> +     * Return the desired information; either the remote DNS name, if found,
> +     * or either NULL (if the hostname was requested) or the IP address
> +     * (if any identifier was requested).
> +     */
> +    if (r->useragent_host != NULL && r->useragent_host[0] != '\0') {
> +        return r->useragent_host;
> +    }
> +    else {
> +        if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) {
> +            return NULL;
> +        }
> +        else {
> +            *str_is_ip = 1;
> +            return r->useragent_ip;
> +        }
> +    }
> +}
>
>   /*
>    * Optional function coming from mod_ident, used for looking up ident user

Mime
View raw message