+2020-01-11 Frank Ch. Eigler <fche@redhat.com>
+
+ * debuginfod.cxx (conninfo): Print User-Agent and X-Forwarded-For
+ request headers, after mild safety-censorship (for easier machine
+ processing).
+
2020-01-11 Frank Ch. Eigler <fche@redhat.com>
* debuginfod.cxx: Rework threading model.
/* Debuginfo-over-http server.
- Copyright (C) 2019 Red Hat, Inc.
+ Copyright (C) 2019-2020 Red Hat, Inc.
This file is part of elfutils.
This file is free software; you can redistribute it and/or modify
////////////////////////////////////////////////////////////////////////
-
+static string
+header_censor(const string& str)
+{
+ string y;
+ for (auto&& x : str)
+ {
+ if (isalnum(x) || x == '/' || x == '.' || x == ',' || x == '_' || x == ':')
+ y += x;
+ }
+ return y;
+}
static string
hostname[0] = servname[0] = '\0';
}
- return string(hostname) + string(":") + string(servname);
+ // extract headers relevant to administration
+ const char* user_agent = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "User-Agent") ?: "";
+ const char* x_forwarded_for = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "X-Forwarded-For") ?: "";
+ // NB: these are untrustworthy, beware if machine-processing log files
+
+ return string(hostname) + string(":") + string(servname) +
+ string(" UA:") + header_censor(string(user_agent)) +
+ string(" XFF:") + header_censor(string(x_forwarded_for));
}
projects / thirdparty / elfutils.git / commitdiff
