diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
| commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
| tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /www-apache/mod_rpaf/files | |
| download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'www-apache/mod_rpaf/files')
| -rw-r--r-- | www-apache/mod_rpaf/files/003_ipv6.patch | 31 | ||||
| -rw-r--r-- | www-apache/mod_rpaf/files/010_multiple_proxies.patch | 37 | ||||
| -rw-r--r-- | www-apache/mod_rpaf/files/011_apache2.4.patch | 51 | ||||
| -rw-r--r-- | www-apache/mod_rpaf/files/012_Add-missing-header-for-inet_addr.patch | 17 | ||||
| -rw-r--r-- | www-apache/mod_rpaf/files/10_mod_rpaf.conf | 6 |
5 files changed, 142 insertions, 0 deletions
diff --git a/www-apache/mod_rpaf/files/003_ipv6.patch b/www-apache/mod_rpaf/files/003_ipv6.patch new file mode 100644 index 000000000000..67edd55e45aa --- /dev/null +++ b/www-apache/mod_rpaf/files/003_ipv6.patch @@ -0,0 +1,31 @@ +Description: ipv6 fixes +Author: Piotr Roszatycki <dexter@debian.org> +Reviewed-by: Sergey B Kirpichev <skirpichev@gmail.com> +Bug-Debian: http://bugs.debian.org/726529 + +--- + mod_rpaf-2.0.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/mod_rpaf-2.0.c ++++ b/mod_rpaf-2.0.c +@@ -72,6 +72,8 @@ + #include "http_vhost.h" + #include "apr_strings.h" + ++#include <arpa/inet.h> ++ + module AP_MODULE_DECLARE_DATA rpaf_module; + + typedef struct { +@@ -185,6 +187,10 @@ + apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); + r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]); + r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); ++ apr_sockaddr_t *tmpsa; ++ int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); ++ if (ret == APR_SUCCESS) ++ memcpy(r->connection->remote_addr, tmpsa, sizeof(apr_sockaddr_t)); + if (cfg->sethostname) { + const char *hostvalue; + if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) { diff --git a/www-apache/mod_rpaf/files/010_multiple_proxies.patch b/www-apache/mod_rpaf/files/010_multiple_proxies.patch new file mode 100644 index 000000000000..2c9fae01bbe3 --- /dev/null +++ b/www-apache/mod_rpaf/files/010_multiple_proxies.patch @@ -0,0 +1,37 @@ +Description: Use the last value from the X-Forwarded-For header, which + is not in RPAFproxy_ips as the client IP, falling back to the first one + if they are all known proxies. +Author: Dagfinn Ilmari Mannsåker <ilmari@ilmari.org> + +--- + mod_rpaf-2.0.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +--- a/mod_rpaf-2.0.c ++++ b/mod_rpaf-2.0.c +@@ -154,6 +154,16 @@ + return APR_SUCCESS; + } + ++static char* last_not_in_array(apr_array_header_t *forwarded_for, ++ apr_array_header_t *proxy_ips) { ++ int i; ++ for (i = (forwarded_for->nelts)-1; i > 0; i--) { ++ if (!is_in_array(((char **)forwarded_for->elts)[i], proxy_ips)) ++ break; ++ } ++ return ((char **)forwarded_for->elts)[i]; ++} ++ + static int change_remote_ip(request_rec *r) { + const char *fwdvalue; + char *val; +@@ -185,7 +195,7 @@ + rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip); + rcr->r = r; + apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); +- r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]); ++ r->connection->remote_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); + r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); + apr_sockaddr_t *tmpsa; + int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); diff --git a/www-apache/mod_rpaf/files/011_apache2.4.patch b/www-apache/mod_rpaf/files/011_apache2.4.patch new file mode 100644 index 000000000000..1757e9f30a5a --- /dev/null +++ b/www-apache/mod_rpaf/files/011_apache2.4.patch @@ -0,0 +1,51 @@ +Description: Apache 2.4 compatibility patch +Author: Sergey B Kirpichev <skirpichev@gmail.com> +Bug-Debian: http://bugs.debian.org/666792 + +--- + mod_rpaf-2.0.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +--- a/mod_rpaf-2.0.c ++++ b/mod_rpaf-2.0.c +@@ -149,8 +149,8 @@ + + static apr_status_t rpaf_cleanup(void *data) { + rpaf_cleanup_rec *rcr = (rpaf_cleanup_rec *)data; +- rcr->r->connection->remote_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip); +- rcr->r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->remote_ip); ++ rcr->r->connection->client_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip); ++ rcr->r->connection->client_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->client_ip); + return APR_SUCCESS; + } + +@@ -173,7 +173,7 @@ + if (!cfg->enable) + return DECLINED; + +- if (is_in_array(r->connection->remote_ip, cfg->proxy_ips) == 1) { ++ if (is_in_array(r->connection->client_ip, cfg->proxy_ips) == 1) { + /* check if cfg->headername is set and if it is use + that instead of X-Forwarded-For by default */ + if (cfg->headername && (fwdvalue = apr_table_get(r->headers_in, cfg->headername))) { +@@ -192,15 +192,15 @@ + if (*fwdvalue != '\0') + ++fwdvalue; + } +- rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip); ++ rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->client_ip); + rcr->r = r; + apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); +- r->connection->remote_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); +- r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); ++ r->connection->client_ip = apr_pstrdup(r->connection->pool, last_not_in_array(arr, cfg->proxy_ips)); ++ r->connection->client_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->client_ip); + apr_sockaddr_t *tmpsa; +- int ret = apr_sockaddr_info_get(&tmpsa, r->connection->remote_ip, APR_UNSPEC, r->connection->remote_addr->port, 0, r->connection->remote_addr->pool); ++ int ret = apr_sockaddr_info_get(&tmpsa, r->connection->client_ip, APR_UNSPEC, r->connection->client_addr->port, 0, r->connection->client_addr->pool); + if (ret == APR_SUCCESS) +- memcpy(r->connection->remote_addr, tmpsa, sizeof(apr_sockaddr_t)); ++ memcpy(r->connection->client_addr, tmpsa, sizeof(apr_sockaddr_t)); + if (cfg->sethostname) { + const char *hostvalue; + if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) { diff --git a/www-apache/mod_rpaf/files/012_Add-missing-header-for-inet_addr.patch b/www-apache/mod_rpaf/files/012_Add-missing-header-for-inet_addr.patch new file mode 100644 index 000000000000..250a23bf918e --- /dev/null +++ b/www-apache/mod_rpaf/files/012_Add-missing-header-for-inet_addr.patch @@ -0,0 +1,17 @@ +Description: Add missing header for inet_addr +Author: Sergey B Kirpichev <skirpichev@gmail.com> + +--- + mod_rpaf-2.0.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/mod_rpaf-2.0.c ++++ b/mod_rpaf-2.0.c +@@ -64,6 +64,7 @@ + * + */ + ++#include <arpa/inet.h> + #include "httpd.h" + #include "http_config.h" + #include "http_core.h" diff --git a/www-apache/mod_rpaf/files/10_mod_rpaf.conf b/www-apache/mod_rpaf/files/10_mod_rpaf.conf new file mode 100644 index 000000000000..56c952ffaeb6 --- /dev/null +++ b/www-apache/mod_rpaf/files/10_mod_rpaf.conf @@ -0,0 +1,6 @@ +<IfDefine RPAF> +LoadModule rpaf_module modules/mod_rpaf.so +RPAFenable on +</IfDefine> + +# vim: ts=4 filetype=apache |