[master] ae54868 Move X-Forwarded-For handled into C code

Tollef Fog Heen tfheen at err.no
Tue Mar 18 12:53:55 CET 2014


commit ae548683b8f91d0a92799f6c746b80773a4c9f05
Author: Tollef Fog Heen <tfheen at fastly.com>
Date:   Tue Mar 18 12:18:33 2014 +0100

    Move X-Forwarded-For handled into C code
    
    Remove adding of X-Forwarded-For from builtin.vcl and put it into the
    C code that runs before vcl_recv.  This makes it more likely that it's
    properly set when the user VCL runs.
    
    Fixes: #1454

diff --git a/bin/varnishd/builtin.vcl b/bin/varnishd/builtin.vcl
index da30346..ac795fd 100644
--- a/bin/varnishd/builtin.vcl
+++ b/bin/varnishd/builtin.vcl
@@ -45,14 +45,6 @@ vcl 4.0;
 # Client side
 
 sub vcl_recv {
-    if (req.restarts == 0) {
-        if (req.http.x-forwarded-for) {
-            set req.http.X-Forwarded-For =
-                req.http.X-Forwarded-For + ", " + client.ip;
-        } else {
-            set req.http.X-Forwarded-For = client.ip;
-        }
-    }
     if (req.method != "GET" &&
       req.method != "HEAD" &&
       req.method != "PUT" &&
diff --git a/bin/varnishd/cache/cache_req_fsm.c b/bin/varnishd/cache/cache_req_fsm.c
index 467ea8d..5df16e6 100644
--- a/bin/varnishd/cache/cache_req_fsm.c
+++ b/bin/varnishd/cache/cache_req_fsm.c
@@ -660,6 +660,7 @@ cnt_recv(struct worker *wrk, struct req *req)
 {
 	unsigned recv_handling;
 	struct SHA256Context sha256ctx;
+	char *xff;
 
 	CHECK_OBJ_NOTNULL(wrk, WORKER_MAGIC);
 	CHECK_OBJ_NOTNULL(req, REQ_MAGIC);
@@ -688,6 +689,16 @@ cnt_recv(struct worker *wrk, struct req *req)
 	req->hash_always_miss = 0;
 	req->hash_ignore_busy = 0;
 	req->client_identity = NULL;
+	if (req->restarts == 0) {
+		if (http_GetHdr(req->http, H_X_Forwarded_For, &xff)) {
+			http_Unset(req->http, H_X_Forwarded_For);
+			http_PrintfHeader(req->http, "X-Forwarded-For: %s, %s", xff,
+					  req->sp->client_addr_str);
+		} else {
+			http_PrintfHeader(req->http, "X-Forwarded-For: %s",
+					  req->sp->client_addr_str);
+		}
+	}
 
 	http_CollectHdr(req->http, H_Cache_Control);
 
diff --git a/include/tbl/http_headers.h b/include/tbl/http_headers.h
index 758c7e6..1db7784 100644
--- a/include/tbl/http_headers.h
+++ b/include/tbl/http_headers.h
@@ -94,5 +94,6 @@ HTTPH("Vary",			H_Vary,			0					  )	/* RFC2616 14.44 */
 HTTPH("Via",			H_Via,			0					  )	/* RFC2616 14.45 */
 HTTPH("Warning",		H_Warning,		0					  )	/* RFC2616 14.46 */
 HTTPH("WWW-Authenticate",	H_WWW_Authenticate,	0					  )	/* RFC2616 14.47 */
+HTTPH("X-Forwarded-For",	H_X_Forwarded_For,	0					  )	/* Not RFC */
 
 /*lint -restore */



More information about the varnish-commit mailing list