You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2014/01/31 12:15:56 UTC

[Bug 56094] New: mod_rewrite doesn't expose client_addr

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

            Bug ID: 56094
           Summary: mod_rewrite doesn't expose client_addr
           Product: Apache httpd-2
           Version: 2.4.7
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: mod_rewrite
          Assignee: bugs@httpd.apache.org
          Reporter: h.reindl@thelounge.net

quote from the httpd-devl-list:

> It looks to me like it is not exposed in mod_rewrite.
> I'd suggest opening a bug "mod_rewrite doesn't expose client_addr".
> For consistency, I'd suggest CONN_REMOTE_ADDR as in the expression parser
___________________________

mod_rewrite can't distinguish between %a and %{c}a currently

the idea is that the proxy has 127.0.0.1 and does SSL-termination
so it should use unecrypted connections to httpd, but in case
the connection comes from a different IP mod_rewrite is supposed
to redirect the request as shown below to https

without mod_remoteip the mod_rewrite snipped works as expected
so only a replacement for %{REMOTE_ADDR} would be needed that
uses the underlying peer IP address of the connection

<IfModule mod_remoteip.c>
 RemoteIPHeader X-Forwarded-For
 RemoteIPInternalProxy 127.0.0.1
</IfModule>
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
 RewriteCond %{HTTPS} off
 RewriteRule (.*) https://www.example.com%{REQUEST_URI}
</IfModule>

http://httpd.apache.org/docs/2.4/mod/mod_rewrite.html

http://httpd.apache.org/docs/2.4/mod/mod_log_config.html
%a     Client IP address of the request (see the mod_remoteip module).
%{c}a     Underlying peer IP address of the connection (see the mod_remoteip
module)

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

--- Comment #1 from Edward Lu <Ch...@gmail.com> ---
Created attachment 31276
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=31276&action=edit
Patch for issue

Adds support for CONN_REMOTE_ADDR to mod_rewrite

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

webdev <we...@blizzard.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |webdev@blizzard.com

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

--- Comment #7 from Reindl Harald <h....@thelounge.net> ---
i also made an RFE for RHEL7 on the Redhat-Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1060536

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

Yann Ylavic <yl...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #8 from Yann Ylavic <yl...@gmail.com> ---
Fixed in 2.4.8.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #31276|1                           |0
           is patch|                            |

--- Comment #3 from Mark Thomas <ma...@apache.org> ---
Comment on attachment 31276
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=31276
Patch for issue

Remove patch marker now content has been removed by ASF infra

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

--- Comment #5 from Reindl Harald <h....@thelounge.net> ---
got it - the patch is fine, rpmbuild on likes a path-component before
"modules", most likely because -p1, well i am not that good in patch-handling

the config below works exactly as expected - thank you!

%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
______________________________________

<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{CONN_REMOTE_ADDR} !^127\.0\.0\.1
 RewriteCond %{HTTPS} off
 RewriteRule (.*) https://www.example.com%{REQUEST_URI}
</IfModule>

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

Edward Lu <Ch...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #31276|0                           |1
        is obsolete|                            |

--- Comment #2 from Edward Lu <Ch...@gmail.com> ---
Created attachment 31277
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=31277&action=edit
Wrong patch before - this adds CONN_REMOTE_ADDR to mod_rewrite

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

--- Comment #4 from Reindl Harald <h....@thelounge.net> ---
*wow* that was fast!

somehow rpmbuild does not like the patch format :-(
maybe i find out how to fix and give feedback
otherwise a "unified diff" would be cool

+ echo 'Patch #8 (httpd-2.4-mod_rewrite_conn_remote_addr.patch):'
Patch #8 (httpd-2.4-mod_rewrite_conn_remote_addr.patch):
+ /usr/bin/cat
/home/builduser/rpmbuild/SOURCES/httpd-2.4-mod_rewrite_conn_remote_addr.patch
+ /usr/bin/patch -p1 --fuzz=0
can't find file to patch at input line 3
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|--- modules/mappers/mod_rewrite.c      (revision 1563220)
|+++ modules/mappers/mod_rewrite.c      (working copy)
--------------------------
File to patch:

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56094] mod_rewrite doesn't expose client_addr

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56094

Eric Covener <co...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |FixedInTrunk,
                   |                            |PatchAvailable

--- Comment #6 from Eric Covener <co...@gmail.com> ---
Thanks for the patch and test, commited to trunk in
https://svn.apache.org/r1563418 and proposed for 2.4.x

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org