I was just about to do the same, but revert and recommit just to simplify the (anticipated) later backport. The bitfield is a bugger.
Apparently my make clean; make wasn't building the source tree I thought it was, sigh... Bill On Thu, Feb 11, 2016 at 6:20 PM, Rainer Jung <[email protected]> wrote: > I fixed two minor compilation failures, but one type of failure remains: > > .../server/core.c: In function 'ap_get_remote_host': > .../server/core.c:959:17: error: cannot take address of bit-field > 'double_reverse' > do_double_reverse(&conn->double_reverse, > conn->remote_host, > ^ > .../server/core.c:974:9: error: cannot take address of bit-field > 'double_reverse' > do_double_reverse(&conn->double_reverse, conn->remote_host, > ^ > > Regards, > > Rainer > > > Am 11.02.2016 um 22:58 schrieb [email protected]: > >> Author: wrowe >> Date: Thu Feb 11 21:58:45 2016 >> New Revision: 1729901 >> >> URL: http://svn.apache.org/viewvc?rev=1729901&view=rev >> Log: >> Introduce an ap_get_useragent_host() accessor to replace the old >> ap_get_remote_host() in most applications, but preserve the original >> behavior for all ap_get_remote_host() consumers (mostly, because we >> don't have the request_rec in the first place, and also to avoid any >> unintended consequences). >> >> This accessor continues to store the remote_host of connection based >> uesr agents within the conn_rec for optimization. Only where some >> other module modifies the useragent_addr will we perform a per-request >> query of the remote_host. >> >> (Committed previously, but backed out due to unrelated core.c changes) >> >> Modified: >> httpd/httpd/trunk/CHANGES >> httpd/httpd/trunk/include/ap_mmn.h >> httpd/httpd/trunk/include/http_core.h >> httpd/httpd/trunk/include/httpd.h >> httpd/httpd/trunk/server/core.c >> >> Modified: httpd/httpd/trunk/CHANGES >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1729901&r1=1729900&r2=1729901&view=diff >> >> ============================================================================== >> --- httpd/httpd/trunk/CHANGES [utf-8] (original) >> +++ httpd/httpd/trunk/CHANGES [utf-8] Thu Feb 11 21:58:45 2016 >> @@ -1,6 +1,11 @@ >> -*- coding: >> utf-8 -*- >> Changes with Apache 2.5.0 >> >> + *) core: Track the useragent_host per-request when mod_remoteip or >> similar >> + modules track a per-request useragent_ip. Modules should be updated >> + to inquire for ap_get_useragent_host() in place of >> ap_get_remote_host(). >> + [William Rowe] >> + >> *) mod_proxy: Play/restore the TLS-SNI on new backend connections >> which >> had to be issued because the remote closed the previous/reusable >> one >> during idle (keep-alive) time. [Yann Ylavic] >> >> Modified: httpd/httpd/trunk/include/ap_mmn.h >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=1729901&r1=1729900&r2=1729901&view=diff >> >> ============================================================================== >> --- httpd/httpd/trunk/include/ap_mmn.h (original) >> +++ httpd/httpd/trunk/include/ap_mmn.h Thu Feb 11 21:58:45 2016 >> @@ -500,6 +500,8 @@ >> * 20150222.9 (2.5.0-dev) Add epxr_hander to core_dir_config. >> * 20150222.10 (2.5.0-dev) Add new ap_update_child_status...() methods, >> * add protocol to worker_score in scoreboard.h >> + * 20150222.11 (2.5.0-dev) Split useragent_host from the conn_rec into >> + * the request_rec, with ap_get_useragent_host() >> */ >> >> #define MODULE_MAGIC_COOKIE 0x41503235UL /* "AP25" */ >> @@ -507,7 +509,7 @@ >> #ifndef MODULE_MAGIC_NUMBER_MAJOR >> #define MODULE_MAGIC_NUMBER_MAJOR 20150222 >> #endif >> -#define MODULE_MAGIC_NUMBER_MINOR 10 /* 0...n */ >> +#define MODULE_MAGIC_NUMBER_MINOR 11 /* 0...n */ >> >> /** >> * Determine if the server's current MODULE_MAGIC_NUMBER is at least a >> >> Modified: httpd/httpd/trunk/include/http_core.h >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/http_core.h?rev=1729901&r1=1729900&r2=1729901&view=diff >> >> ============================================================================== >> --- httpd/httpd/trunk/include/http_core.h (original) >> +++ httpd/httpd/trunk/include/http_core.h Thu Feb 11 21:58:45 2016 >> @@ -159,6 +159,32 @@ AP_DECLARE(int) ap_allow_overrides(reque >> AP_DECLARE(const char *) ap_document_root(request_rec *r); >> >> /** >> + * Lookup the remote user agent's DNS name or IP address >> + * @ingroup get_remote_hostname >> + * @param req The current request >> + * @param type The type of lookup to perform. One of: >> + * <pre> >> + * REMOTE_HOST returns the hostname, or NULL if the hostname >> + * lookup fails. It will force a DNS lookup according >> to the >> + * HostnameLookups setting. >> + * REMOTE_NAME returns the hostname, or the dotted quad if the >> + * hostname lookup fails. It will force a DNS lookup >> according >> + * to the HostnameLookups setting. >> + * REMOTE_NOLOOKUP is like REMOTE_NAME except that a DNS lookup is >> + * never forced. >> + * REMOTE_DOUBLE_REV will always force a DNS lookup, and also force >> + * a double reverse lookup, regardless of the >> HostnameLookups >> + * setting. The result is the (double reverse checked) >> + * hostname, or NULL if any of the lookups fail. >> + * </pre> >> + * @param str_is_ip unless NULL is passed, this will be set to non-zero >> on >> + * output when an IP address string is returned >> + * @return The remote hostname (based on the request useragent_ip) >> + */ >> +AP_DECLARE(const char *) ap_get_useragent_host(request_rec *req, int >> type, >> + int *str_is_ip); >> + >> +/** >> * Lookup the remote client's DNS name or IP address >> * @ingroup get_remote_host >> * @param conn The current connection >> @@ -180,7 +206,7 @@ AP_DECLARE(const char *) ap_document_roo >> * </pre> >> * @param str_is_ip unless NULL is passed, this will be set to non-zero >> on output when an IP address >> * string is returned >> - * @return The remote hostname >> + * @return The remote hostname (based on the connection client_ip) >> */ >> AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void >> *dir_config, int type, int *str_is_ip); >> >> >> Modified: httpd/httpd/trunk/include/httpd.h >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1729901&r1=1729900&r2=1729901&view=diff >> >> ============================================================================== >> --- httpd/httpd/trunk/include/httpd.h (original) >> +++ httpd/httpd/trunk/include/httpd.h Thu Feb 11 21:58:45 2016 >> @@ -1056,6 +1056,16 @@ struct request_rec { >> apr_table_t *trailers_in; >> /** MIME trailer environment from the response */ >> apr_table_t *trailers_out; >> + >> + /** Originator's DNS name, if known. NULL if DNS hasn't been >> checked, >> + * "" if it has and no address was found. N.B. Only access this >> though >> + * ap_get_useragent_host() */ >> + char *useragent_host; >> + /** have we done double-reverse DNS? -1 yes/failure, 0 not yet, >> + * 1 yes/success >> + * TODO: 2 bit signed bitfield when this structure is compacted >> + */ >> + int double_reverse; >> }; >> >> /** >> >> Modified: httpd/httpd/trunk/server/core.c >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1729901&r1=1729900&r2=1729901&view=diff >> >> ============================================================================== >> --- httpd/httpd/trunk/server/core.c (original) >> +++ httpd/httpd/trunk/server/core.c Thu Feb 11 21:58:45 2016 >> @@ -887,27 +887,30 @@ char *ap_response_code_string(request_re >> >> >> /* Code from Harald Hanche-Olsen <[email protected]> */ >> -static APR_INLINE void do_double_reverse (conn_rec *conn) >> +static APR_INLINE void do_double_reverse (int *double_reverse, >> + const char *remote_host, >> + apr_sockaddr_t *client_addr, >> + apr_pool_t *pool) >> { >> apr_sockaddr_t *sa; >> apr_status_t rv; >> >> - if (conn->double_reverse) { >> + if (*double_reverse) { >> /* already done */ >> return; >> } >> >> - if (conn->remote_host == NULL || conn->remote_host[0] == '\0') { >> + if (remote_host == NULL || remote_host[0] == '\0') { >> /* single reverse failed, so don't bother */ >> - conn->double_reverse = -1; >> + *double_reverse = -1; >> return; >> } >> >> - rv = apr_sockaddr_info_get(&sa, conn->remote_host, APR_UNSPEC, 0, 0, >> conn->pool); >> + rv = apr_sockaddr_info_get(&sa, remote_host, APR_UNSPEC, 0, 0, pool); >> if (rv == APR_SUCCESS) { >> while (sa) { >> - if (apr_sockaddr_equal(sa, conn->client_addr)) { >> - conn->double_reverse = 1; >> + if (apr_sockaddr_equal(sa, client_addr)) { >> + *double_reverse = 1; >> return; >> } >> >> @@ -915,7 +918,7 @@ static APR_INLINE void do_double_reverse >> } >> } >> >> - conn->double_reverse = -1; >> + *double_reverse = -1; >> } >> >> AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void >> *dir_config, >> @@ -953,7 +956,8 @@ AP_DECLARE(const char *) ap_get_remote_h >> ap_str_tolower(conn->remote_host); >> >> if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) { >> - do_double_reverse(conn); >> + do_double_reverse(&conn->double_reverse, >> conn->remote_host, >> + conn->client_addr, conn->pool) >> if (conn->double_reverse != 1) { >> conn->remote_host = NULL; >> } >> @@ -967,7 +971,8 @@ AP_DECLARE(const char *) ap_get_remote_h >> } >> >> if (type == REMOTE_DOUBLE_REV) { >> - do_double_reverse(conn); >> + do_double_reverse(&conn->double_reverse, conn->remote_host, >> + conn->client_addr, conn->pool) >> if (conn->double_reverse == -1) { >> return NULL; >> } >> @@ -991,6 +996,80 @@ AP_DECLARE(const char *) ap_get_remote_h >> } >> } >> } >> + >> +AP_DECLARE(const char *) ap_get_useragent_host(request_rec *r, >> + int type, int *str_is_ip) >> +{ >> + conn_rec *conn = r->connection; >> + int hostname_lookups; >> + int ignored_str_is_ip; >> + >> + if (req->useragent_addr == conn->client_addr) { >> + return ap_get_remote_host(conn, r->per_dir_config, type, >> str_is_ip); >> + } >> + >> + if (!str_is_ip) { /* caller doesn't want to know */ >> + str_is_ip = &ignored_str_is_ip; >> + } >> + *str_is_ip = 0; >> + >> + hostname_lookups = ((core_dir_config *) >> + ap_get_core_module_config(r->per_dir_config)) >> + ->hostname_lookups; >> + if (hostname_lookups == HOSTNAME_LOOKUP_UNSET) { >> + hostname_lookups = HOSTNAME_LOOKUP_OFF; >> + } >> + >> + if (type != REMOTE_NOLOOKUP >> + && r->useragent_host == NULL >> + && (type == REMOTE_DOUBLE_REV >> + || hostname_lookups != HOSTNAME_LOOKUP_OFF)) { >> + >> + if (apr_getnameinfo(&r->useragent_host, r->useragent_addr, 0) >> + == APR_SUCCESS) { >> + ap_str_tolower(r->useragent_host); >> + >> + if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) { >> + do_double_reverse(&r->double_reverse, r->useragent_host, >> + r->useragent_addr, r->pool) >> + if (r->double_reverse != 1) { >> + r->useragent_host = NULL; >> + } >> + } >> + } >> + >> + /* if failed, set it to the NULL string to indicate error */ >> + if (r->useragent_host == NULL) { >> + r->useragent_host = ""; >> + } >> + } >> + >> + if (type == REMOTE_DOUBLE_REV) { >> + do_double_reverse(&r->double_reverse, r->useragent_host, >> + r->useragent_addr, r->pool) >> + if (r->double_reverse == -1) { >> + return NULL; >> + } >> + } >> + >> + /* >> + * Return the desired information; either the remote DNS name, if >> found, >> + * or either NULL (if the hostname was requested) or the IP address >> + * (if any identifier was requested). >> + */ >> + if (r->useragent_host != NULL && r->useragent_host[0] != '\0') { >> + return r->useragent_host; >> + } >> + else { >> + if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) { >> + return NULL; >> + } >> + else { >> + *str_is_ip = 1; >> + return r->useragent_ip; >> + } >> + } >> +} >> >> /* >> * Optional function coming from mod_ident, used for looking up ident >> user >> >
