From 394e5594d60f65a687e2bad9a848af8fed70a55e Mon Sep 17 00:00:00 2001 From: Graham Leggett Date: Fri, 25 Nov 2011 19:42:04 +0000 Subject: [PATCH] Introduce a per connection "peer_ip" and a per request "client_ip" to distinguish between the raw IP address of the connection and the effective IP address of the request. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1206291 13f79535-47bb-0310-9956-ffa450edef68 --- include/httpd.h | 8 ++++---- modules/aaa/mod_access_compat.c | 2 +- modules/aaa/mod_authz_host.c | 8 ++++---- modules/arch/netware/mod_nw_ssl.c | 2 +- modules/echo/mod_echo.c | 6 +++--- modules/experimental/mod_noloris.c | 4 ++-- modules/filters/mod_ext_filter.c | 2 +- modules/http/http_request.c | 4 ++-- modules/loggers/mod_log_config.c | 6 +++--- modules/lua/lua_request.c | 2 +- modules/mappers/mod_rewrite.c | 6 +++--- modules/metadata/mod_ident.c | 6 +++--- modules/metadata/mod_remoteip.c | 26 +++++++++++++------------- modules/metadata/mod_setenvif.c | 2 +- modules/proxy/ajp_header.c | 4 ++-- modules/proxy/mod_proxy_http.c | 12 ++++++------ modules/ssl/ssl_engine_kernel.c | 2 +- modules/ssl/ssl_engine_vars.c | 2 +- server/core.c | 10 +++++----- server/log.c | 14 +++++++------- server/protocol.c | 4 ++-- server/request.c | 4 ++-- server/util_expr_eval.c | 8 ++++---- server/util_script.c | 4 ++-- 24 files changed, 74 insertions(+), 74 deletions(-) diff --git a/include/httpd.h b/include/httpd.h index c56a88b5b2..d7f7784dfd 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -1007,8 +1007,8 @@ struct request_rec { /** remote address information from conn_rec, can be overridden if * necessary by a module. */ - apr_sockaddr_t *remote_addr; - char *remote_ip; + apr_sockaddr_t *client_addr; + char *client_ip; }; /** @@ -1052,10 +1052,10 @@ struct conn_rec { /** local address */ apr_sockaddr_t *local_addr; /** remote address */ - apr_sockaddr_t *remote_addr; + apr_sockaddr_t *peer_addr; /** Client's IP address */ - char *remote_ip; + char *peer_ip; /** Client's DNS name, if known. NULL if DNS hasn't been checked, * "" if it has and no address was found. N.B. Only access this though * get_remote_host() */ diff --git a/modules/aaa/mod_access_compat.c b/modules/aaa/mod_access_compat.c index 00352bada9..e3cc74f79f 100644 --- a/modules/aaa/mod_access_compat.c +++ b/modules/aaa/mod_access_compat.c @@ -271,7 +271,7 @@ static int find_allowdeny(request_rec *r, apr_array_header_t *a, int method) return 1; case T_IP: - if (apr_ipsubnet_test(ap[i].x.ip, r->remote_addr)) { + if (apr_ipsubnet_test(ap[i].x.ip, r->client_addr)) { return 1; } break; diff --git a/modules/aaa/mod_authz_host.c b/modules/aaa/mod_authz_host.c index f418cbe140..180172a40e 100644 --- a/modules/aaa/mod_authz_host.c +++ b/modules/aaa/mod_authz_host.c @@ -153,7 +153,7 @@ static authz_status ip_check_authorization(request_rec *r, apr_ipsubnet_t **ip = (apr_ipsubnet_t **)parsed_require_line; while (*ip) { - if (apr_ipsubnet_test(*ip, r->remote_addr)) + if (apr_ipsubnet_test(*ip, r->client_addr)) return AUTHZ_GRANTED; ip++; } @@ -201,10 +201,10 @@ static authz_status local_check_authorization(request_rec *r, const void *parsed_require_line) { if ( apr_sockaddr_equal(r->connection->local_addr, - r->remote_addr) - || apr_ipsubnet_test(localhost_v4, r->remote_addr) + r->client_addr) + || apr_ipsubnet_test(localhost_v4, r->client_addr) #if APR_HAVE_IPV6 - || apr_ipsubnet_test(localhost_v6, r->remote_addr) + || apr_ipsubnet_test(localhost_v6, r->client_addr) #endif ) { diff --git a/modules/arch/netware/mod_nw_ssl.c b/modules/arch/netware/mod_nw_ssl.c index ce7a4171a5..3e20edb569 100644 --- a/modules/arch/netware/mod_nw_ssl.c +++ b/modules/arch/netware/mod_nw_ssl.c @@ -1001,7 +1001,7 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, else if (strcEQ(var, "REQUEST_FILENAME")) result = r->filename; else if (strcEQ(var, "REMOTE_ADDR")) - result = r->remote_ip; + result = r->client_ip; else if (strcEQ(var, "REMOTE_HOST")) result = ap_get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME, NULL); diff --git a/modules/echo/mod_echo.c b/modules/echo/mod_echo.c index 161ceed651..49a9d93362 100644 --- a/modules/echo/mod_echo.c +++ b/modules/echo/mod_echo.c @@ -154,7 +154,7 @@ static int process_echo_connection(conn_rec *c) if (!APR_STATUS_IS_EOF(rv) && ! APR_STATUS_IS_TIMEUP(rv)) ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, "ProtocolEcho: Failure reading from %s", - c->remote_ip); + c->peer_ip); break; } @@ -163,7 +163,7 @@ static int process_echo_connection(conn_rec *c) apr_brigade_cleanup(bb); ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, "ProtocolEcho: Error - read empty brigade from %s!", - c->remote_ip); + c->peer_ip); break; } @@ -181,7 +181,7 @@ static int process_echo_connection(conn_rec *c) if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, "ProtocolEcho: Failure writing to %s", - c->remote_ip); + c->peer_ip); break; } apr_brigade_cleanup(bb); diff --git a/modules/experimental/mod_noloris.c b/modules/experimental/mod_noloris.c index d541e6a3a3..11567cfdd7 100644 --- a/modules/experimental/mod_noloris.c +++ b/modules/experimental/mod_noloris.c @@ -67,11 +67,11 @@ static int noloris_conn(conn_rec *conn) /* check the IP is not banned */ shm_rec = apr_shm_baseaddr_get(shm); while (shm_rec[0] != '\0') { - if (!strcmp(shm_rec, conn->remote_ip)) { + if (!strcmp(shm_rec, conn->peer_ip)) { apr_socket_t *csd = ap_get_conn_socket(conn); ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn, "Dropping connection from banned IP %s", - conn->remote_ip); + conn->peer_ip); apr_socket_close(csd); return DONE; diff --git a/modules/filters/mod_ext_filter.c b/modules/filters/mod_ext_filter.c index 558e990e4a..1e3beab7f4 100644 --- a/modules/filters/mod_ext_filter.c +++ b/modules/filters/mod_ext_filter.c @@ -406,7 +406,7 @@ static void child_errfn(apr_pool_t *pool, apr_status_t err, const char *descript apr_file_printf(stderr_log, "[%s] [client %s] mod_ext_filter (%d)%s: %s\n", time_str, - r->remote_ip, + r->client_ip, err, apr_strerror(err, errbuf, sizeof(errbuf)), description); diff --git a/modules/http/http_request.c b/modules/http/http_request.c index 66da594930..36cff2d913 100644 --- a/modules/http/http_request.c +++ b/modules/http/http_request.c @@ -439,8 +439,8 @@ static request_rec *internal_internal_redirect(const char *new_uri, new->prev = r; r->next = new; - new->remote_addr = r->remote_addr; - new->remote_ip = r->remote_ip; + new->client_addr = r->client_addr; + new->client_ip = r->client_ip; /* Must have prev and next pointers set before calling create_request * hook. diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c index 1f7642771c..e3b050a809 100644 --- a/modules/loggers/mod_log_config.c +++ b/modules/loggers/mod_log_config.c @@ -311,10 +311,10 @@ static const char *log_remote_host(request_rec *r, char *a) static const char *log_remote_address(request_rec *r, char *a) { if (a && !strcmp(a, "c")) { - return r->connection->remote_ip; + return r->connection->peer_ip; } else { - return r->remote_ip; + return r->client_ip; } } @@ -763,7 +763,7 @@ static const char *log_server_port(request_rec *r, char *a) port = r->server->port ? r->server->port : ap_default_port(r); } else if (!strcasecmp(a, "remote")) { - port = r->remote_addr->port; + port = r->client_addr->port; } else if (!strcasecmp(a, "local")) { port = r->connection->local_addr->port; diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c index ffb3088650..5d7d8f537e 100644 --- a/modules/lua/lua_request.c +++ b/modules/lua/lua_request.c @@ -743,7 +743,7 @@ AP_LUA_DECLARE(void) ap_lua_push_connection(lua_State *L, conn_rec *c) ap_lua_push_apr_table(L, c->notes); lua_setfield(L, -2, "notes"); - lua_pushstring(L, c->remote_ip); + lua_pushstring(L, c->peer_ip); lua_setfield(L, -2, "remote_ip"); lua_pop(L, 1); diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 1cb4f1ca74..7d7e899eb4 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -1860,7 +1860,7 @@ static char *lookup_variable(char *var, rewrite_ctx *ctx) else if (!strcmp(var, "IPV6")) { int flag = FALSE; #if APR_HAVE_IPV6 - apr_sockaddr_t *addr = r->remote_addr; + apr_sockaddr_t *addr = r->client_addr; flag = (addr->family == AF_INET6 && !IN6_IS_ADDR_V4MAPPED((struct in6_addr *)addr->ipaddr_ptr)); rewritelog((r, 1, ctx->perdir, "IPV6='%s'", flag ? "on" : "off")); @@ -1966,7 +1966,7 @@ static char *lookup_variable(char *var, rewrite_ctx *ctx) case 'D': if (*var == 'R' && !strcmp(var, "REMOTE_ADDR")) { - result = r->remote_ip; + result = r->client_ip; } else if (!strcmp(var, "SERVER_ADDR")) { result = r->connection->local_ip; @@ -2005,7 +2005,7 @@ static char *lookup_variable(char *var, rewrite_ctx *ctx) REMOTE_NAME, NULL); } else if (!strcmp(var, "REMOTE_PORT")) { - return apr_itoa(r->pool, r->remote_addr->port); + return apr_itoa(r->pool, r->client_addr->port); } break; diff --git a/modules/metadata/mod_ident.c b/modules/metadata/mod_ident.c index bd2c54d52e..1ba520800a 100644 --- a/modules/metadata/mod_ident.c +++ b/modules/metadata/mod_ident.c @@ -101,14 +101,14 @@ static apr_status_t rfc1413_connect(apr_socket_t **newsock, conn_rec *conn, return rv; } - if ((rv = apr_sockaddr_info_get(&destsa, conn->remote_ip, + if ((rv = apr_sockaddr_info_get(&destsa, conn->peer_ip, localsa->family, /* has to match */ RFC1413_PORT, 0, conn->pool)) != APR_SUCCESS) { /* This should not fail since we have a numeric address string * as the host. */ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, srv, "rfc1413: apr_sockaddr_info_get(%s) failed", - conn->remote_ip); + conn->peer_ip); return rv; } @@ -167,7 +167,7 @@ static apr_status_t rfc1413_query(apr_socket_t *sock, conn_rec *conn, apr_size_t buflen; sav_our_port = conn->local_addr->port; - sav_rmt_port = conn->remote_addr->port; + sav_rmt_port = conn->peer_addr->port; /* send the data */ buflen = apr_snprintf(buffer, sizeof(buffer), "%hu,%hu\r\n", sav_rmt_port, diff --git a/modules/metadata/mod_remoteip.c b/modules/metadata/mod_remoteip.c index 43622eb9ec..c72e8d8ad9 100644 --- a/modules/metadata/mod_remoteip.c +++ b/modules/metadata/mod_remoteip.c @@ -51,8 +51,8 @@ typedef struct { } remoteip_config_t; typedef struct { - apr_sockaddr_t *remote_addr; - char *remote_ip; + apr_sockaddr_t *client_addr; + char *client_ip; /** The list of proxy ip's ignored as remote ip's */ const char *proxy_ips; /** The remaining list of untrusted proxied remote ip's */ @@ -243,18 +243,18 @@ static int remoteip_modify_request(request_rec *r) } remote = apr_pstrdup(r->pool, remote); - temp_sa = c->remote_addr; + temp_sa = c->peer_addr; while (remote) { - /* verify c->remote_addr is trusted if there is a trusted proxy list + /* verify c->peer_addr is trusted if there is a trusted proxy list */ if (config->proxymatch_ip) { int i; remoteip_proxymatch_t *match; match = (remoteip_proxymatch_t *)config->proxymatch_ip->elts; for (i = 0; i < config->proxymatch_ip->nelts; ++i) { - if (apr_ipsubnet_test(match[i].ip, c->remote_addr)) { + if (apr_ipsubnet_test(match[i].ip, c->peer_addr)) { internal = match[i].internal; break; } @@ -356,19 +356,19 @@ static int remoteip_modify_request(request_rec *r) req = (remoteip_req_t *) apr_palloc(r->pool, sizeof(remoteip_req_t)); } - /* Set remote_ip string */ + /* Set peer_ip string */ if (!internal) { if (proxy_ips) { proxy_ips = apr_pstrcat(r->pool, proxy_ips, ", ", - c->remote_ip, NULL); + c->peer_ip, NULL); } else { - proxy_ips = c->remote_ip; + proxy_ips = c->peer_ip; } } - req->remote_addr = temp_sa; - apr_sockaddr_ip_get(&req->remote_ip, req->remote_addr); + req->client_addr = temp_sa; + apr_sockaddr_ip_get(&req->client_ip, req->client_addr); } /* Nothing happened? */ @@ -394,14 +394,14 @@ static int remoteip_modify_request(request_rec *r) } } - r->remote_addr = req->remote_addr; - r->remote_ip = req->remote_ip; + r->client_addr = req->client_addr; + r->client_ip = req->client_ip; ap_log_rerror(APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, 0, r, req->proxy_ips ? "Using %s as client's IP by proxies %s" : "Using %s as client's IP by internal proxies", - req->remote_ip, req->proxy_ips); + req->client_ip, req->proxy_ips); return OK; } diff --git a/modules/metadata/mod_setenvif.c b/modules/metadata/mod_setenvif.c index 383f6b73e0..5a2ee71bb9 100644 --- a/modules/metadata/mod_setenvif.c +++ b/modules/metadata/mod_setenvif.c @@ -527,7 +527,7 @@ static int match_headers(request_rec *r) last_name = b->name; switch (b->special_type) { case SPECIAL_REMOTE_ADDR: - val = r->remote_ip; + val = r->client_ip; break; case SPECIAL_SERVER_ADDR: val = r->connection->local_ip; diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c index 80977b0a64..310b8254bf 100644 --- a/modules/proxy/ajp_header.c +++ b/modules/proxy/ajp_header.c @@ -247,7 +247,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg, ajp_msg_append_uint8(msg, (apr_byte_t) method) || ajp_msg_append_string(msg, r->protocol) || ajp_msg_append_string(msg, uri->path) || - ajp_msg_append_string(msg, r->remote_ip) || + ajp_msg_append_string(msg, r->client_ip) || ajp_msg_append_string(msg, remote_host) || ajp_msg_append_string(msg, ap_get_server_name(r)) || ajp_msg_append_uint16(msg, (apr_uint16_t)r->connection->local_addr->port) || @@ -413,7 +413,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg, */ { const char *key = SC_A_REQ_REMOTE_PORT; - char *val = apr_itoa(r->pool, r->remote_addr->port); + char *val = apr_itoa(r->pool, r->client_addr->port); if (ajp_msg_append_uint8(msg, SC_A_REQ_ATTRIBUTE) || ajp_msg_append_string(msg, key) || ajp_msg_append_string(msg, val)) { diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index 909fe30168..b3186b59f8 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -532,7 +532,7 @@ static int stream_reqbody_cl(apr_pool_t *p, if (bytes_streamed != cl_val) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "client %s given Content-Length did not match" - " number of body bytes read", r->connection->remote_ip); + " number of body bytes read", r->connection->peer_ip); return HTTP_BAD_REQUEST; } @@ -858,7 +858,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, * determine, where the original request came from. */ apr_table_mergen(r->headers_in, "X-Forwarded-For", - r->remote_ip); + r->client_ip); /* Add X-Forwarded-Host: so that upstream knows what the * original request hostname was. @@ -1002,7 +1002,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "client %s (%s) requested Transfer-Encoding " "chunked body with Content-Length (C-L ignored)", - c->remote_ip, c->remote_host ? c->remote_host: ""); + c->peer_ip, c->remote_host ? c->remote_host: ""); apr_table_unset(r->headers_in, "Content-Length"); old_cl_val = NULL; origin->keepalive = AP_CONN_CLOSE; @@ -1027,7 +1027,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, "prefetch request body failed to %pI (%s)" " from %s (%s)", p_conn->addr, p_conn->hostname ? p_conn->hostname: "", - c->remote_ip, c->remote_host ? c->remote_host: ""); + c->peer_ip, c->remote_host ? c->remote_host: ""); return HTTP_BAD_REQUEST; } @@ -1049,7 +1049,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, "processing prefetched request body failed" " to %pI (%s) from %s (%s)", p_conn->addr, p_conn->hostname ? p_conn->hostname: "", - c->remote_ip, c->remote_host ? c->remote_host: ""); + c->peer_ip, c->remote_host ? c->remote_host: ""); return HTTP_INTERNAL_SERVER_ERROR; } @@ -1188,7 +1188,7 @@ skip_body: ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "pass request body failed to %pI (%s) from %s (%s)", p_conn->addr, p_conn->hostname ? p_conn->hostname: "", - c->remote_ip, c->remote_host ? c->remote_host: ""); + c->peer_ip, c->remote_host ? c->remote_host: ""); return rv; } diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index cb0b04110b..cd003f0222 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -917,7 +917,7 @@ int ssl_hook_Access(request_rec *r) ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Access to %s denied for %s " "(requirement expression not fulfilled)", - r->filename, r->remote_ip); + r->filename, r->client_ip); ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Failed expression: %s", req->cpExpr); diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 5e6edf2118..4155bc3480 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -188,7 +188,7 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, else if (strcEQ(var, "REQUEST_FILENAME")) result = r->filename; else if (strcEQ(var, "REMOTE_ADDR")) - result = r->remote_ip; + result = r->client_ip; else if (strcEQ(var, "REMOTE_HOST")) result = ap_get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME, NULL); diff --git a/server/core.c b/server/core.c index fb1013965c..cd96ef7997 100644 --- a/server/core.c +++ b/server/core.c @@ -829,7 +829,7 @@ static APR_INLINE void do_double_reverse (conn_rec *conn) rv = apr_sockaddr_info_get(&sa, conn->remote_host, APR_UNSPEC, 0, 0, conn->pool); if (rv == APR_SUCCESS) { while (sa) { - if (apr_sockaddr_equal(sa, conn->remote_addr)) { + if (apr_sockaddr_equal(sa, conn->peer_addr)) { conn->double_reverse = 1; return; } @@ -871,7 +871,7 @@ AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config, && (type == REMOTE_DOUBLE_REV || hostname_lookups != HOSTNAME_LOOKUP_OFF)) { - if (apr_getnameinfo(&conn->remote_host, conn->remote_addr, 0) + if (apr_getnameinfo(&conn->remote_host, conn->peer_addr, 0) == APR_SUCCESS) { ap_str_tolower(conn->remote_host); @@ -910,7 +910,7 @@ AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config, } else { *str_is_ip = 1; - return conn->remote_ip; + return conn->peer_ip; } } } @@ -4497,7 +4497,7 @@ static conn_rec *core_create_conn(apr_pool_t *ptrans, server_rec *server, } apr_sockaddr_ip_get(&c->local_ip, c->local_addr); - if ((rv = apr_socket_addr_get(&c->remote_addr, APR_REMOTE, csd)) + if ((rv = apr_socket_addr_get(&c->peer_addr, APR_REMOTE, csd)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, "apr_socket_addr_get(APR_REMOTE)"); @@ -4505,7 +4505,7 @@ static conn_rec *core_create_conn(apr_pool_t *ptrans, server_rec *server, return NULL; } - apr_sockaddr_ip_get(&c->remote_ip, c->remote_addr); + apr_sockaddr_ip_get(&c->peer_ip, c->peer_addr); c->base_server = server; c->id = id; diff --git a/server/log.c b/server/log.c index 8e19fc1b0b..4b73a45108 100644 --- a/server/log.c +++ b/server/log.c @@ -562,11 +562,11 @@ static int log_remote_address(const ap_errorlog_info *info, const char *arg, char *buf, int buflen) { if (info->r && !(arg && *arg == 'c')) - return apr_snprintf(buf, buflen, "%s:%d", info->r->remote_ip, - info->r->remote_addr->port); + return apr_snprintf(buf, buflen, "%s:%d", info->r->client_ip, + info->r->client_addr->port); else if (info->c) - return apr_snprintf(buf, buflen, "%s:%d", info->c->remote_ip, - info->c->remote_addr->port); + return apr_snprintf(buf, buflen, "%s:%d", info->c->peer_ip, + info->c->peer_addr->port); else return 0; } @@ -962,18 +962,18 @@ static int do_errorlog_default(const ap_errorlog_info *info, char *buf, } /* - * remote_ip can be client or backend server. If we have a scoreboard + * client_ip/peer_ip can be client or backend server. If we have a scoreboard * handle, it is likely a client. */ if (info->r) { len += apr_snprintf(buf + len, buflen - len, info->r->connection->sbh ? "[client %s:%d] " : "[remote %s:%d] ", - info->r->remote_ip, info->r->remote_addr->port); + info->r->client_ip, info->r->client_addr->port); } else if (info->c) { len += apr_snprintf(buf + len, buflen - len, info->c->sbh ? "[client %s:%d] " : "[remote %s:%d] ", - info->c->remote_ip, info->c->remote_addr->port); + info->c->peer_ip, info->c->peer_addr->port); } /* the actual error message */ diff --git a/server/protocol.c b/server/protocol.c index d111e5fb45..a79adaac6c 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -979,8 +979,8 @@ request_rec *ap_read_request(conn_rec *conn) */ r->used_path_info = AP_REQ_DEFAULT_PATH_INFO; - r->remote_addr = conn->remote_addr; - r->remote_ip = conn->remote_ip; + r->client_addr = conn->peer_addr; + r->client_ip = conn->peer_ip; tmp_bb = apr_brigade_create(r->pool, r->connection->bucket_alloc); diff --git a/server/request.c b/server/request.c index a5d0f62f81..71122cffea 100644 --- a/server/request.c +++ b/server/request.c @@ -1832,8 +1832,8 @@ static request_rec *make_sub_request(const request_rec *r, rnew->output_filters = r->proto_output_filters; } - rnew->remote_addr = r->remote_addr; - rnew->remote_ip = r->remote_ip; + rnew->client_addr = r->client_addr; + rnew->client_ip = r->client_ip; /* no input filters for a subrequest */ diff --git a/server/util_expr_eval.c b/server/util_expr_eval.c index 86631a473a..d4233e401c 100644 --- a/server/util_expr_eval.c +++ b/server/util_expr_eval.c @@ -1206,7 +1206,7 @@ static const char *conn_var_fn(ap_expr_eval_ctx_t *ctx, const void *data) case 1: #if APR_HAVE_IPV6 { - apr_sockaddr_t *addr = c->remote_addr; + apr_sockaddr_t *addr = c->peer_addr; if (addr->family == AF_INET6 && !IN6_IS_ADDR_V4MAPPED((struct in6_addr *)addr->ipaddr_ptr)) return "on"; @@ -1219,7 +1219,7 @@ static const char *conn_var_fn(ap_expr_eval_ctx_t *ctx, const void *data) case 2: return c->log_id; case 3: - return c->remote_ip; + return c->peer_ip; default: ap_assert(0); return NULL; @@ -1342,7 +1342,7 @@ static const char *request_var_fn(ap_expr_eval_ctx_t *ctx, const void *data) case 27: return r->status ? apr_psprintf(ctx->p, "%d", r->status) : ""; case 28: - return r->remote_ip; + return r->client_ip; default: ap_assert(0); return NULL; @@ -1491,7 +1491,7 @@ static int op_R(ap_expr_eval_ctx_t *ctx, const void *data, const char *arg1) if (!ctx->r) return FALSE; - return apr_ipsubnet_test(subnet, ctx->r->remote_addr); + return apr_ipsubnet_test(subnet, ctx->r->client_addr); } static int op_T(ap_expr_eval_ctx_t *ctx, const void *data, const char *arg) diff --git a/server/util_script.c b/server/util_script.c index 243d5093ac..907dd36079 100644 --- a/server/util_script.c +++ b/server/util_script.c @@ -235,7 +235,7 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r) apr_psprintf(r->pool, "%u", ap_get_server_port(r))); add_unless_null(e, "REMOTE_HOST", ap_get_remote_host(c, r->per_dir_config, REMOTE_HOST, NULL)); - apr_table_addn(e, "REMOTE_ADDR", c->remote_ip); + apr_table_addn(e, "REMOTE_ADDR", r->client_ip); apr_table_addn(e, "DOCUMENT_ROOT", ap_document_root(r)); /* Apache */ apr_table_setn(e, "REQUEST_SCHEME", ap_http_scheme(r)); apr_table_addn(e, "CONTEXT_PREFIX", ap_context_prefix(r)); @@ -243,7 +243,7 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r) apr_table_addn(e, "SERVER_ADMIN", s->server_admin); /* Apache */ apr_table_addn(e, "SCRIPT_FILENAME", r->filename); /* Apache */ - rport = c->remote_addr->port; + rport = c->peer_addr->port; apr_table_addn(e, "REMOTE_PORT", apr_itoa(r->pool, rport)); if (r->user) { -- 2.50.1