I can see that a flat directive namespace has its drawbacks... ;-)
> Am 01.04.2017 um 19:12 schrieb Daniel Ruggeri :
>
>
> On 4/1/2017 11:18 AM, Yann Ylavic wrote:
>> Hi Daniel,
>>
>> On Sat, Apr 1, 2017 at 3:56 PM, Daniel Ruggeri wrote:
>>> I went
On 4/1/2017 11:18 AM, Yann Ylavic wrote:
> Hi Daniel,
>
> On Sat, Apr 1, 2017 at 3:56 PM, Daniel Ruggeri wrote:
>> I went with the directive name
>> RemoteIPProxyProtocolDisableHosts to align more with the fact that a
>> single host or range can be disabled.
> How about
Hi Daniel,
On Sat, Apr 1, 2017 at 3:56 PM, Daniel Ruggeri wrote:
> I went with the directive name
> RemoteIPProxyProtocolDisableHosts to align more with the fact that a
> single host or range can be disabled.
How about RemoteIPProxyProtocolExceptions since one can
Sorry for the top post. I've committed r1789800 which pulls out Optional
handling and adds the ability to disable based on source network. This
is more or less the code as it was donated, plus some cleanup and the
small addition to disable based on networks (overall a cleaner approach
anyway). I
Agreed - as many times as I read the spec, I have no idea how I did not
see that security advisory. It's flat-out damning to the idea of an
"optional" mode. I'll go ahead and rip out the optional processing and
will add your suggested idea of a list of subnets to disable parsing. I
hope to have a
On Wed, Mar 29, 2017 at 4:43 PM, William A Rowe Jr wrote:
>
> It would be nice if the mod_remoteip patch to PROXY protocol followed the
> security advisories of the PROXY draft security comments, and we rip out the
> 'optional' mode. The remaining objection is around the
On Mon, Mar 27, 2017 at 9:07 AM, Sander Hoentjen wrote:
>
> On 03/16/2017 10:34 AM, Sander Hoentjen wrote:
>>
>> On 03/11/2017 07:57 PM, Daniel Ruggeri wrote:
>>> Thanks, all, for the patience as I finally got back to this.
>>>
>>> On 2/24/2017 11:05 AM, Sander Hoentjen wrote:
On 03/16/2017 10:34 AM, Sander Hoentjen wrote:
>
> On 03/11/2017 07:57 PM, Daniel Ruggeri wrote:
>> Thanks, all, for the patience as I finally got back to this.
>>
>> On 2/24/2017 11:05 AM, Sander Hoentjen wrote:
>>> On 02/20/2017 07:48 PM, William A Rowe Jr wrote:
On Sat, Feb 18, 2017 at
On 03/11/2017 07:57 PM, Daniel Ruggeri wrote:
> Thanks, all, for the patience as I finally got back to this.
>
> On 2/24/2017 11:05 AM, Sander Hoentjen wrote:
>> On 02/20/2017 07:48 PM, William A Rowe Jr wrote:
>>> On Sat, Feb 18, 2017 at 4:25 PM, Daniel Ruggeri wrote:
Thanks, all, for the patience as I finally got back to this.
On 2/24/2017 11:05 AM, Sander Hoentjen wrote:
>
> On 02/20/2017 07:48 PM, William A Rowe Jr wrote:
>> On Sat, Feb 18, 2017 at 4:25 PM, Daniel Ruggeri wrote:
>>> On 2017-02-15 09:07 (-0600), William A Rowe Jr
On 02/20/2017 07:48 PM, William A Rowe Jr wrote:
> On Sat, Feb 18, 2017 at 4:25 PM, Daniel Ruggeri wrote:
>> On 2017-02-15 09:07 (-0600), William A Rowe Jr wrote:
>>> On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote:
On Sat, Feb 18, 2017 at 4:25 PM, Daniel Ruggeri wrote:
> On 2017-02-15 09:07 (-0600), William A Rowe Jr wrote:
>> On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote:
>> >
>> > mod_remote ip has:
>> > /* mod_proxy creates
I am away on holiday until the 25th, will try when i get back.
On Sat Feb 18 23:25:51 2017 GMT+0100, Daniel Ruggeri wrote:
> On 2017-02-15 09:07 (-0600), William A Rowe Jr wrote:
> > On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote:
> > >
> > >
On 2017-02-15 09:07 (-0600), William A Rowe Jr wrote:
> On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote:
> >
> > mod_remote ip has:
> > /* mod_proxy creates outgoing connections - we don't want those */
> > if
On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote:
>
> mod_remote ip has:
> /* mod_proxy creates outgoing connections - we don't want those */
> if (!remoteip_is_server_port(c->local_addr->port)) {
> return DECLINED;
> }
> I am guessing something
On 02/15/2017 12:19 PM, Jordan Gigov wrote:
> On 15 February 2017 at 12:50, Sander Hoentjen wrote:
>> Hey guys,
>>
>> I am trying to use both mod_remoteip with ProxyProtocol and mod_http2.
>> It looks like mod_http2 gets handed the connection before mod_remoteip,
>> so things
Try modules/http2/h2_h2.c line 550 add "mod_remoteip.c" after "mod_ssl.c".
This reminds me since remoteip is being updated, maybe it should also
specify some before and after mods to avoid.
On 15 February 2017 at 12:50, Sander Hoentjen wrote:
> Hey guys,
>
> I am trying to
Hey guys,
I am trying to use both mod_remoteip with ProxyProtocol and mod_http2.
It looks like mod_http2 gets handed the connection before mod_remoteip,
so things don't work as they should. ProxyProtocol should always be
handled first, since it is prepended to the stream. Any pointers to
where in
18 matches
Mail list logo