Project

General

Profile

Bug #3051

closed

mod_extforward regression 1.4.56

Added by glen 10 days ago. Updated 9 days ago.

Status:
Fixed
Priority:
Normal
Category:
mod_extforward
Target version:
ASK QUESTIONS IN Forums:
No

Description

  • OK: 1.4.55
  • Broken: 1.4.56
  • Broken: 1.4.58

Example config:

    extforward.forwarder           = (
        "192.168.24.21" => "trust",
        "192.168.24.22" => "trust",
        # 2
    )

Expected REMOTE_ADDR=a.b.c.d, Actual REMOTE_ADDR=192.168.24.21

Upstream of lighttpd is HAProxy sending headers:

  "HTTP_X_FORWARDED_FOR" => "a.b.c.d" 
  "HTTP_X_FORWARDED_PROTO" => "https" 
#1

Updated by gstrauss 10 days ago

  • Category set to mod_extforward

Does tests/mod-extforward.t pass on your system? (make check in the lighttpd source tree)

Please provide more details about your system and your lighttpd.conf

#2

Updated by gstrauss 10 days ago

Have you tried extforward.hap-PROXY ?
See Docs_ModExtForward extforward.hap-PROXY

#3

Updated by gstrauss 9 days ago

  • Status changed from New to Need Feedback
#4

Updated by gstrauss 9 days ago

  • Status changed from Need Feedback to Patch Pending
  • Target version changed from 1.4.x to 1.4.59

Workaround: use extforward.hap-PROXY or explicitly set extforward.headers = ("X-Forwarded-For")

Fix:

diff --git a/src/mod_extforward.c b/src/mod_extforward.c
index e2f1843a..534146c9 100644
--- a/src/mod_extforward.c
+++ b/src/mod_extforward.c
@@ -405,6 +405,10 @@ SETDEFAULTS_FUNC(mod_extforward_set_defaults) {
         p->defaults.headers = p->default_headers = array_init(2);
         array_insert_value(p->default_headers,CONST_STR_LEN("X-Forwarded-For"));
         array_insert_value(p->default_headers,CONST_STR_LEN("Forwarded-For"));
+        for (uint32_t i = 0; i < p->default_headers->used; ++i) {
+            data_string * const ds = (data_string *)p->default_headers->data[i];
+            ds->ext = http_header_hkey_get(CONST_BUF_LEN(&ds->value));
+        }
     }

     /* attempt to warn if mod_extforward is not last module loaded to hook

#5

Updated by gstrauss 9 days ago

  • Status changed from Patch Pending to Fixed

Also available in: Atom