From: jan@unixpapa.com Date: Wed, 11 Dec 2013 19:08:54 +0000 (+0000) Subject: Add FORWARDS environment variable, as suggested under a different name by Rogier... X-Git-Tag: mod-auth-external-3.3.2~4 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=98c59ea472deb8e79441c0d522ebc38a10384001;p=apache-authnz-external Add FORWARDS environment variable, as suggested under a different name by Rogier Slag. --- diff --git a/mod_authnz_external/AUTHENTICATORS b/mod_authnz_external/AUTHENTICATORS index 0050627..aaf176a 100644 --- a/mod_authnz_external/AUTHENTICATORS +++ b/mod_authnz_external/AUTHENTICATORS @@ -249,7 +249,16 @@ OTHER ENVIRONMENT VARIABLES IP the client's ip-address. - HOST the client's host name, if Apache has "HostnameLookups On". + HOST the host name corresponding to IP, if Apache has + "HostnameLookups On". + + FORWARDS If a load-balancer or proxy is being used, then the "IP" variable + is just going to be the ip-address of the server that forwarded + the client's request to the current server. In that case, the + "FORWARDS" environment variable gives a comma-separated list of + ip-addresses, the first of which will be the original client's ip, + while the rest are all the other proxies the request was forwarded + through before reaching the server named by the the "IP" variable. PATH the httpd's path environment variable. diff --git a/mod_authnz_external/CHANGES b/mod_authnz_external/CHANGES index 7493377..024b42e 100644 --- a/mod_authnz_external/CHANGES +++ b/mod_authnz_external/CHANGES @@ -1,5 +1,7 @@ v3.3.2 (Jan Wolter - NOT YET RELEASED) ---------------------------------------------- + * Added the FORWARDS environment variable for use with load balancing servers. + This patch contributed by Rogier Slag. * Added test/test.pipe.php, a PHP version of test/test.pipe contributed by Claus Andersen. diff --git a/mod_authnz_external/mod_authnz_external.c b/mod_authnz_external/mod_authnz_external.c index 479e57f..f394832 100644 --- a/mod_authnz_external/mod_authnz_external.c +++ b/mod_authnz_external/mod_authnz_external.c @@ -96,6 +96,7 @@ #define ENV_HOST "HOST" /* Remote Host */ #define ENV_HTTP_HOST "HTTP_HOST" /* Local Host */ #define ENV_CONTEXT "CONTEXT" /* Arbitrary Data from Config */ +#define ENV_FORWARDS "FORWARDS" /* Undefine this if you do not want cookies passed to the script */ #define ENV_COOKIE "COOKIE" @@ -400,7 +401,7 @@ static int exec_external(const char *extpath, const char *extmethod, apr_procattr_t *procattr; apr_proc_t proc; apr_status_t rc= APR_SUCCESS; - char *child_env[12]; + char *child_env[13]; char *child_arg[MAX_ARG+2]; const char *t; int i, status= -4; @@ -423,7 +424,7 @@ static int exec_external(const char *extpath, const char *extmethod, if (!isdaemon) { - const char *cookie, *host, *remote_host; + const char *cookie, *host, *remote_host, *forwards; authnz_external_dir_config_rec *dir= (authnz_external_dir_config_rec *) ap_get_module_config(r->per_dir_config, &authnz_external_module); i= 0; @@ -456,6 +457,9 @@ static int exec_external(const char *extpath, const char *extmethod, child_env[i++]= apr_pstrcat(r->pool, ENV_CONTEXT"=", dir->context, NULL); + if ((forwards= apr_table_get(r->headers_in, "X-Forwarded-For")) != NULL) + child_env[i++]= apr_pstrcat(p, ENV_FORWARDS"=", forwards, NULL); + #ifdef ENV_COOKIE if ((cookie= apr_table_get(r->headers_in, "Cookie")) != NULL) child_env[i++]= apr_pstrcat(p, ENV_COOKIE"=", cookie, NULL);