Bug#119888: Patch for fix that
In this reference [http://wiki.nginx.org/ThttpdRealIP] is avaliable a
patch for that thttpd respect the X-forward-for header (originaly posted
by Daniel Clemente [http://www.danielclemente.com/amarok/ip_real.txt] ).
I would like you apply this patch. I add now:
--- thttpd-2.25b/libhttpd.c 2003-12-25 20:06:05.000000000 +0100
+++ thttpd-2.25b-patched/libhttpd.c 2005-01-09 00:26:04.867255248 +0100
@@ -2207,6 +2207,12 @@
if ( strcasecmp( cp, "keep-alive" ) == 0 )
hc->keep_alive = 1;
}
+ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 )
+ { // Use real IP if available
+ cp = &buf[16];
+ cp += strspn( cp, " \t" );
+ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) );
+ }
#ifdef LOG_UNKNOWN_HEADERS
else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 ||
strncasecmp( buf, "Accept-Language:", 16 ) == 0 ||
I CC acme labs software for confirming this bug is _not_ fixed in
version 2.22 (or any later version) of thttpd (in
http://acme.com/software/thttpd/#releasenotes it seems it's not) and
Daniel Clemente for knowing your work is helpful for others ;-) (I hope
you're not "molesto", Daniel)
Thanks a lot,
Xan.
Reply to: