bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename option DisableXffHeader to EnableXffHeader.

Browse Source
This commit is contained in:
Vladimir Belov 2018-03-30 15:17:10 +03:00
parent 0fc9d1cd39
commit 5df36151b1
5 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/man5/tinyproxy.conf.txt.in
View File

@ -246,13 +246,13 @@ AddHeader "X-My-Header" "Powered by Tinyproxy"
enabling this option, you break compliance. enabling this option, you break compliance.
Don't disable the `Via` header unless you know what you are doing... Don't disable the `Via` header unless you know what you are doing...
*DisableXffHeader*:: *EnableXffHeader*::
The 'X-Forwarded-For' header isn't required by the HTTP RFC, The 'X-Forwarded-For' header isn't required by the HTTP RFC,
but is a common method for identifying the originating IP address but is a common method for identifying the originating IP address
of a client connecting to a web server through an HTTP proxy or of a client connecting to a web server through an HTTP proxy or
load balancer. Though, using this is a security concern. load balancer. Though, using this is a security concern.
So turn this off only for demand. So turn this on only for demand.
*Filter*:: *Filter*::

4
etc/tinyproxy.conf.in
View File

@ -234,13 +234,13 @@ ViaProxyName "tinyproxy"
#DisableViaHeader Yes #DisableViaHeader Yes
# #
# DisableXffHeader: The 'X-Forwarded-For' header isn't required by the # EnableXffHeader: The 'X-Forwarded-For' header isn't required by the
# HTTP RFC, but is a common method for identifying the originating # HTTP RFC, but is a common method for identifying the originating
# IP address of a client connecting to a web server through an HTTP # IP address of a client connecting to a web server through an HTTP
# proxy or load balancer. Though, using this is a security concern. # proxy or load balancer. Though, using this is a security concern.
# So we disable it by default. # So we disable it by default.
# #
DisableXffHeader Yes #EnableXffHeader No
# #
# Filter: This allows you to specify the location of the filter file. # Filter: This allows you to specify the location of the filter file.

16
src/conf.c
View File

@ -156,7 +156,7 @@ static HANDLE_FUNC (handle_timeout);
static HANDLE_FUNC (handle_user); static HANDLE_FUNC (handle_user);
static HANDLE_FUNC (handle_viaproxyname); static HANDLE_FUNC (handle_viaproxyname);
static HANDLE_FUNC (handle_disableviaheader); static HANDLE_FUNC (handle_disableviaheader);
static HANDLE_FUNC (handle_disablexffheader); static HANDLE_FUNC (handle_enablexffheader);
static HANDLE_FUNC (handle_xtinyproxy); static HANDLE_FUNC (handle_xtinyproxy);
#ifdef UPSTREAM_SUPPORT #ifdef UPSTREAM_SUPPORT
@ -210,7 +210,7 @@ struct {
STDCONF ("syslog", BOOL, handle_syslog), STDCONF ("syslog", BOOL, handle_syslog),
STDCONF ("bindsame", BOOL, handle_bindsame), STDCONF ("bindsame", BOOL, handle_bindsame),
STDCONF ("disableviaheader", BOOL, handle_disableviaheader), STDCONF ("disableviaheader", BOOL, handle_disableviaheader),
STDCONF ("disablexffheader", BOOL, handle_disablexffheader), STDCONF ("enablexffheader", BOOL, handle_enablexffheader),
STDCONF ("xtinyproxy", BOOL, handle_xtinyproxy), STDCONF ("xtinyproxy", BOOL, handle_xtinyproxy),
/* integer arguments */ /* integer arguments */
STDCONF ("port", INT, handle_port), STDCONF ("port", INT, handle_port),
@ -527,6 +527,8 @@ static void initialize_with_defaults (struct config_s *conf,
conf->disable_viaheader = defaults->disable_viaheader; conf->disable_viaheader = defaults->disable_viaheader;
conf->enable_xffheader = defaults->enable_xffheader;
if (defaults->errorpage_undef) { if (defaults->errorpage_undef) {
conf->errorpage_undef = safestrdup (defaults->errorpage_undef); conf->errorpage_undef = safestrdup (defaults->errorpage_undef);
} }
@ -738,17 +740,17 @@ static HANDLE_FUNC (handle_disableviaheader)
return 0; return 0;
} }
static HANDLE_FUNC (handle_disablexffheader) static HANDLE_FUNC (handle_enablexffheader)
{ {
int r = set_bool_arg (&conf->disable_xffheader, line, &match[2]); int r = set_bool_arg (&conf->enable_xffheader, line, &match[2]);
if (r) { if (!r) {
return r; return r;
} }
log_message (LOG_INFO, log_message (LOG_INFO,
"Disabling transmission of the \"X-Forwarded-For\" header."); "Enabling transmission of the \"X-Forwarded-For\" header.");
return 0; return r;
} }
static HANDLE_FUNC (handle_defaulterrorfile) static HANDLE_FUNC (handle_defaulterrorfile)

2
src/conf.h
View File

@ -77,7 +77,7 @@ struct config_s {
unsigned int disable_viaheader; /* boolean */ unsigned int disable_viaheader; /* boolean */
unsigned int disable_xffheader; /* boolean */ unsigned int enable_xffheader; /* boolean */
/* /*
* Error page support. Map error numbers to file paths. * Error page support. Map error numbers to file paths.

4
src/reqs.c
View File

@ -924,7 +924,7 @@ process_client_headers (struct conn_s *connptr, hashmap_t hashofheaders)
goto PULL_CLIENT_DATA; goto PULL_CLIENT_DATA;
} }
if (!config.disable_xffheader) { if (config.enable_xffheader) {
/* Send new or appended the 'X-Forwarded-For' header */ /* Send new or appended the 'X-Forwarded-For' header */
ret = write_xff_header(connptr->server_fd, hashofheaders, ret = write_xff_header(connptr->server_fd, hashofheaders,
connptr->client_ip_addr); connptr->client_ip_addr);
@ -1100,7 +1100,7 @@ retry:
if (ret < 0) if (ret < 0)
goto ERROR_EXIT; goto ERROR_EXIT;
if (!config.disable_xffheader) { if (config.enable_xffheader) {
/* Send new or appended the 'X-Forwarded-For' header */ /* Send new or appended the 'X-Forwarded-For' header */
ret = write_xff_header(connptr->client_fd, hashofheaders, ret = write_xff_header(connptr->client_fd, hashofheaders,
connptr->server_ip_addr); connptr->server_ip_addr);