]> git.ipfire.org Git - thirdparty/apache/httpd.git/blob
projects / thirdparty / apache / httpd.git / blob
? search:


1926066
[thirdparty/apache/httpd.git] /
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "ap_config.h"
18 #include "ap_mmn.h"
19 #include "httpd.h"
20 #include "http_config.h"
21 #include "http_connection.h"
22 #include "http_protocol.h"
23 #include "http_log.h"
24 #include "apr_strings.h"
25 #include "apr_lib.h"
26 #define APR_WANT_BYTEFUNC
27 #include "apr_want.h"
28 #include "apr_network_io.h"
29
30 module AP_MODULE_DECLARE_DATA remoteip_module;
31
32 typedef struct {
33 /** A proxy IP mask to match */
34 apr_ipsubnet_t *ip;
35 /** Flagged if internal, otherwise an external trusted proxy */
36 void *internal;
37 } remoteip_proxymatch_t;
38
39 typedef struct {
40 /** The header to retrieve a proxy-via IP list */
41 const char *header_name;
42 /** A header to record the proxied IP's
43 * (removed as the physical connection and
44 * from the proxy-via IP header value list)
45 */
46 const char *proxies_header_name;
47 /** A list of trusted proxies, ideally configured
48 * with the most commonly encountered listed first
49 */
50 apr_array_header_t *proxymatch_ip;
51 } remoteip_config_t;
52
53 typedef struct {
54 apr_sockaddr_t *useragent_addr;
55 char *useragent_ip;
56 /** The list of proxy IP's ignored as remote IP's */
57 const char *proxy_ips;
58 /** The remaining list of untrusted proxied remote IP's */
59 const char *proxied_remote;
60 } remoteip_req_t;
61
62 static void *create_remoteip_server_config(apr_pool_t *p, server_rec *s)
63 {
64 remoteip_config_t *config = apr_pcalloc(p, sizeof *config);
65 /* config->header_name = NULL;
66 * config->proxies_header_name = NULL;
67 */
68 return config;
69 }
70
71 static void *merge_remoteip_server_config(apr_pool_t *p, void *globalv,
72 void *serverv)
73 {
74 remoteip_config_t *global = (remoteip_config_t *) globalv;
75 remoteip_config_t *server = (remoteip_config_t *) serverv;
76 remoteip_config_t *config;
77
78 config = (remoteip_config_t *) apr_palloc(p, sizeof(*config));
79 config->header_name = server->header_name
80 ? server->header_name
81 : global->header_name;
82 config->proxies_header_name = server->proxies_header_name
83 ? server->proxies_header_name
84 : global->proxies_header_name;
85 config->proxymatch_ip = server->proxymatch_ip
86 ? server->proxymatch_ip
87 : global->proxymatch_ip;
88 return config;
89 }
90
91 static const char *header_name_set(cmd_parms *cmd, void *dummy,
92 const char *arg)
93 {
94 remoteip_config_t *config = ap_get_module_config(cmd->server->module_config,
95 &remoteip_module);
96 config->header_name = arg;
97 return NULL;
98 }
99
100 static const char *proxies_header_name_set(cmd_parms *cmd, void *dummy,
101 const char *arg)
102 {
103 remoteip_config_t *config = ap_get_module_config(cmd->server->module_config,
104 &remoteip_module);
105 config->proxies_header_name = arg;
106 return NULL;
107 }
108
109 /* Would be quite nice if APR exported this */
110 /* apr:network_io/unix/sockaddr.c */
111 static int looks_like_ip(const char *ipstr)
112 {
113 if (ap_strchr_c(ipstr, ':')) {
114 /* definitely not a hostname; assume it is intended to be an IPv6 address */
115 return 1;
116 }
117
118 /* simple IPv4 address string check */
119 while ((*ipstr == '.') || apr_isdigit(*ipstr))
120 ipstr++;
121 return (*ipstr == '\0');
122 }
123
124 static const char *proxies_set(cmd_parms *cmd, void *cfg,
125 const char *arg)
126 {
127 remoteip_config_t *config = ap_get_module_config(cmd->server->module_config,
128 &remoteip_module);
129 remoteip_proxymatch_t *match;
130 apr_status_t rv;
131 char *ip = apr_pstrdup(cmd->temp_pool, arg);
132 char *s = ap_strchr(ip, '/');
133 if (s) {
134 *s++ = '\0';
135 }
136
137 if (!config->proxymatch_ip) {
138 config->proxymatch_ip = apr_array_make(cmd->pool, 1, sizeof(*match));
139 }
140 match = (remoteip_proxymatch_t *) apr_array_push(config->proxymatch_ip);
141 match->internal = cmd->info;
142
143 if (looks_like_ip(ip)) {
144 /* Note s may be null, that's fine (explicit host) */
145 rv = apr_ipsubnet_create(&match->ip, ip, s, cmd->pool);
146 }
147 else
148 {
149 apr_sockaddr_t *temp_sa;
150
151 if (s) {
152 return apr_pstrcat(cmd->pool, "RemoteIP: Error parsing IP ", arg,
153 " the subnet /", s, " is invalid for ",
154 cmd->cmd->name, NULL);
155 }
156
157 rv = apr_sockaddr_info_get(&temp_sa, ip, APR_UNSPEC, 0,
158 APR_IPV4_ADDR_OK, cmd->temp_pool);
159 while (rv == APR_SUCCESS)
160 {
161 apr_sockaddr_ip_get(&ip, temp_sa);
162 rv = apr_ipsubnet_create(&match->ip, ip, NULL, cmd->pool);
163 if (!(temp_sa = temp_sa->next)) {
164 break;
165 }
166 match = (remoteip_proxymatch_t *)
167 apr_array_push(config->proxymatch_ip);
168 match->internal = cmd->info;
169 }
170 }
171
172 if (rv != APR_SUCCESS) {
173 return apr_psprintf(cmd->pool,
174 "RemoteIP: Error parsing IP %s (%pm error) for %s",
175 arg, &rv, cmd->cmd->name);
176 }
177
178 return NULL;
179 }
180
181 static const char *proxylist_read(cmd_parms *cmd, void *cfg,
182 const char *filename)
183 {
184 char lbuf[MAX_STRING_LEN];
185 char *arg;
186 const char *args;
187 const char *errmsg;
188 ap_configfile_t *cfp;
189 apr_status_t rv;
190
191 filename = ap_server_root_relative(cmd->temp_pool, filename);
192 rv = ap_pcfg_openfile(&cfp, cmd->temp_pool, filename);
193 if (rv != APR_SUCCESS) {
194 return apr_psprintf(cmd->pool, "%s: Could not open file %s: %pm",
195 cmd->cmd->name, filename, &rv);
196 }
197
198 while (!(ap_cfg_getline(lbuf, MAX_STRING_LEN, cfp))) {
199 args = lbuf;
200 while (*(arg = ap_getword_conf(cmd->temp_pool, &args)) != '\0') {
201 if (*arg == '#') {
202 break;
203 }
204 errmsg = proxies_set(cmd, cfg, arg);
205 if (errmsg) {
206 ap_cfg_closefile(cfp);
207 errmsg = apr_psprintf(cmd->pool, "%s at line %d of %s",
208 errmsg, cfp->line_number, filename);
209 return errmsg;
210 }
211 }
212 }
213
214 ap_cfg_closefile(cfp);
215 return NULL;
216 }
217
218 static int remoteip_modify_request(request_rec *r)
219 {
220 conn_rec *c = r->connection;
221 remoteip_config_t *config = (remoteip_config_t *)
222 ap_get_module_config(r->server->module_config, &remoteip_module);
223 remoteip_req_t *req = NULL;
224
225 apr_sockaddr_t *temp_sa;
226
227 apr_status_t rv;
228 char *remote;
229 char *proxy_ips = NULL;
230 char *parse_remote;
231 char *eos;
232 unsigned char *addrbyte;
233 void *internal = NULL;
234
235 if (!config->header_name) {
236 return DECLINED;
237 }
238
239 remote = (char *) apr_table_get(r->headers_in, config->header_name);
240 if (!remote) {
241 return OK;
242 }
243 remote = apr_pstrdup(r->pool, remote);
244
245 temp_sa = c->client_addr;
246
247 while (remote) {
248
249 /* verify c->client_addr is trusted if there is a trusted proxy list
250 */
251 if (config->proxymatch_ip) {
252 int i;
253 remoteip_proxymatch_t *match;
254 match = (remoteip_proxymatch_t *)config->proxymatch_ip->elts;
255 for (i = 0; i < config->proxymatch_ip->nelts; ++i) {
256 if (apr_ipsubnet_test(match[i].ip, c->client_addr)) {
257 internal = match[i].internal;
258 break;
259 }
260 }
261 if (i && i >= config->proxymatch_ip->nelts) {
262 break;
263 }
264 }
265
266 if ((parse_remote = strrchr(remote, ',')) == NULL) {
267 parse_remote = remote;
268 remote = NULL;
269 }
270 else {
271 *(parse_remote++) = '\0';
272 }
273
274 while (*parse_remote == ' ') {
275 ++parse_remote;
276 }
277
278 eos = parse_remote + strlen(parse_remote) - 1;
279 while (eos >= parse_remote && *eos == ' ') {
280 *(eos--) = '\0';
281 }
282
283 if (eos < parse_remote) {
284 if (remote) {
285 *(remote + strlen(remote)) = ',';
286 }
287 else {
288 remote = parse_remote;
289 }
290 break;
291 }
292
293 /* We map as IPv4 rather than IPv6 for equivalent host names
294 * or IPV4OVERIPV6
295 */
296 rv = apr_sockaddr_info_get(&temp_sa, parse_remote,
297 APR_UNSPEC, temp_sa->port,
298 APR_IPV4_ADDR_OK, r->pool);
299 if (rv != APR_SUCCESS) {
300 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, APLOGNO(01568)
301 "RemoteIP: Header %s value of %s cannot be parsed "
302 "as a client IP",
303 config->header_name, parse_remote);
304
305 if (remote) {
306 *(remote + strlen(remote)) = ',';
307 }
308 else {
309 remote = parse_remote;
310 }
311 break;
312 }
313
314 addrbyte = (unsigned char *) &temp_sa->sa.sin.sin_addr;
315
316 /* For intranet (Internal proxies) ignore all restrictions below */
317 if (!internal
318 && ((temp_sa->family == APR_INET
319 /* For internet (non-Internal proxies) deny all
320 * RFC3330 designated local/private subnets:
321 * 10.0.0.0/8 169.254.0.0/16 192.168.0.0/16
322 * 127.0.0.0/8 172.16.0.0/12
323 */
324 && (addrbyte[0] == 10
325 || addrbyte[0] == 127
326 || (addrbyte[0] == 169 && addrbyte[1] == 254)
327 || (addrbyte[0] == 172 && (addrbyte[1] & 0xf0) == 16)
328 || (addrbyte[0] == 192 && addrbyte[1] == 168)))
329 #if APR_HAVE_IPV6
330 || (temp_sa->family == APR_INET6
331 /* For internet (non-Internal proxies) we translated
332 * IPv4-over-IPv6-mapped addresses as IPv4, above.
333 * Accept only Global Unicast 2000::/3 defined by RFC4291
334 */
335 && ((temp_sa->sa.sin6.sin6_addr.s6_addr[0] & 0xe0) != 0x20))
336 #endif
337 )) {
338 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, APLOGNO(01569)
339 "RemoteIP: Header %s value of %s appears to be "
340 "a private IP or nonsensical. Ignored",
341 config->header_name, parse_remote);
342 if (remote) {
343 *(remote + strlen(remote)) = ',';
344 }
345 else {
346 remote = parse_remote;
347 }
348
349 break;
350 }
351
352 /* save away our results */
353 if (!req) {
354 req = (remoteip_req_t *) apr_palloc(r->pool, sizeof(remoteip_req_t));
355 }
356
357 /* Set useragent_ip string */
358 if (!internal) {
359 if (proxy_ips) {
360 proxy_ips = apr_pstrcat(r->pool, proxy_ips, ", ",
361 c->client_ip, NULL);
362 }
363 else {
364 proxy_ips = c->client_ip;
365 }
366 }
367
368 req->useragent_addr = temp_sa;
369 apr_sockaddr_ip_get(&req->useragent_ip, req->useragent_addr);
370 }
371
372 /* Nothing happened? */
373 if (!req) {
374 return OK;
375 }
376
377 req->proxied_remote = remote;
378 req->proxy_ips = proxy_ips;
379
380 if (req->proxied_remote) {
381 apr_table_setn(r->headers_in, config->header_name,
382 req->proxied_remote);
383 }
384 else {
385 apr_table_unset(r->headers_in, config->header_name);
386 }
387 if (req->proxy_ips) {
388 apr_table_setn(r->notes, "remoteip-proxy-ip-list", req->proxy_ips);
389 if (config->proxies_header_name) {
390 apr_table_setn(r->headers_in, config->proxies_header_name,
391 req->proxy_ips);
392 }
393 }
394
395 r->useragent_addr = req->useragent_addr;
396 r->useragent_ip = req->useragent_ip;
397
398 ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
399 req->proxy_ips
400 ? "Using %s as client's IP by proxies %s"
401 : "Using %s as client's IP by internal proxies%s",
402 req->useragent_ip,
403 (req->proxy_ips ? req->proxy_ips : ""));
404 return OK;
405 }
406
407 static const command_rec remoteip_cmds[] =
408 {
409 AP_INIT_TAKE1("RemoteIPHeader", header_name_set, NULL, RSRC_CONF,
410 "Specifies a request header to trust as the client IP, "
411 "e.g. X-Forwarded-For"),
412 AP_INIT_TAKE1("RemoteIPProxiesHeader", proxies_header_name_set,
413 NULL, RSRC_CONF,
414 "Specifies a request header to record proxy IP's, "
415 "e.g. X-Forwarded-By; if not given then do not record"),
416 AP_INIT_ITERATE("RemoteIPTrustedProxy", proxies_set, 0, RSRC_CONF,
417 "Specifies one or more proxies which are trusted "
418 "to present IP headers"),
419 AP_INIT_ITERATE("RemoteIPInternalProxy", proxies_set, (void*)1, RSRC_CONF,
420 "Specifies one or more internal (transparent) proxies "
421 "which are trusted to present IP headers"),
422 AP_INIT_TAKE1("RemoteIPTrustedProxyList", proxylist_read, 0,
423 RSRC_CONF | EXEC_ON_READ,
424 "The filename to read the list of trusted proxies, "
425 "see the RemoteIPTrustedProxy directive"),
426 AP_INIT_TAKE1("RemoteIPInternalProxyList", proxylist_read, (void*)1,
427 RSRC_CONF | EXEC_ON_READ,
428 "The filename to read the list of internal proxies, "
429 "see the RemoteIPInternalProxy directive"),
430 { NULL }
431 };
432
433 static void register_hooks(apr_pool_t *p)
434 {
435 ap_hook_post_read_request(remoteip_modify_request, NULL, NULL, APR_HOOK_FIRST);
436 }
437
438 AP_DECLARE_MODULE(remoteip) = {
439 STANDARD20_MODULE_STUFF,
440 NULL, /* create per-directory config structure */
441 NULL, /* merge per-directory config structures */
442 create_remoteip_server_config, /* create per-server config structure */
443 merge_remoteip_server_config, /* merge per-server config structures */
444 remoteip_cmds, /* command apr_table_t */
445 register_hooks /* register hooks */
446 };
Mirror of https://github.com/apache/httpd.git