From 05429d753116f5c2931dc15d6cc2a25b310a9f49 Mon Sep 17 00:00:00 2001
From: "Frank Ch. Eigler" <fche@redhat.com>
Date: Sat, 11 Jan 2020 16:05:46 -0500
Subject: [PATCH] debuginfod: print U-A: and X-F-F: request headers

For an incoming webapi request, print two headers that should assist
in the administration of a debuginfod service.  At fweimer's
suggestion, added a bit of filtering so the text is more reliably
parseable.

Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
---
 debuginfod/ChangeLog      |  6 ++++++
 debuginfod/debuginfod.cxx | 23 ++++++++++++++++++++---
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 4167215f2..795b617ba 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,9 @@
+2020-01-11  Frank Ch. Eigler  <fche@redhat.com>
+
+	* debuginfod.cxx (conninfo): Print User-Agent and X-Forwarded-For
+	request headers, after mild safety-censorship (for easier machine
+	processing).
+
 2020-01-11  Frank Ch. Eigler  <fche@redhat.com>
 
 	* debuginfod.cxx: Rework threading model.
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index 05fbacc2b..1c60e8d39 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -1,5 +1,5 @@
 /* Debuginfo-over-http server.
-   Copyright (C) 2019 Red Hat, Inc.
+   Copyright (C) 2019-2020 Red Hat, Inc.
    This file is part of elfutils.
 
    This file is free software; you can redistribute it and/or modify
@@ -742,7 +742,17 @@ private:
 ////////////////////////////////////////////////////////////////////////
 
 
-
+static string
+header_censor(const string& str)
+{
+  string y;
+  for (auto&& x : str)
+    {
+      if (isalnum(x) || x == '/' || x == '.' || x == ',' || x == '_' || x == ':')
+        y += x;
+    }
+  return y;
+}
 
 
 static string
@@ -771,7 +781,14 @@ conninfo (struct MHD_Connection * conn)
     hostname[0] = servname[0] = '\0';
   }
 
-  return string(hostname) + string(":") + string(servname);
+  // extract headers relevant to administration
+  const char* user_agent = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "User-Agent") ?: "";
+  const char* x_forwarded_for = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "X-Forwarded-For") ?: "";
+  // NB: these are untrustworthy, beware if machine-processing log files
+
+  return string(hostname) + string(":") + string(servname) +
+    string(" UA:") + header_censor(string(user_agent)) +
+    string(" XFF:") + header_censor(string(x_forwarded_for));
 }
 
 
-- 
2.47.3