Please sign in to comment.
Refactor IP subnet comparison using apr funcs
* comparison of connecting IP against trusted RPAF_ProxyIPs done with apr_ipsubnet_test() rather than previous approach that relied on ipv4-limited check_cidr() and strcmp() * rpaf_looks_like_ip() checks that RPAF_Header request values and RPAF_ProxyIPs config values contain valid ipv4/6 addresses * new RPAF_ForbidIfNotProxy option to forbid requests not connecting from RPAF_ProxyIps; otherwise difficult to use Allow/Deny access control on proxies after remote address substitution has taken place * ifdef brackets around code dealing with server_rec->server_scheme because that struct member is only in versions >= 2.2.3 * set "remoteip-proxy-ip-list" value in r->notes table to list of proxies so other modules can know about trusted intermediaries and IP substitution; similar to Apache2.4 mod_remoteip
- Loading branch information...
Oops, something went wrong.