
[Bug 62220] RemoteIPInternalProxyList does not work after PROXY implementation


https://bz.apache.org/bugzilla/show_bug.cgi?id=62220

--- Comment #14 from William A. Rowe Jr. <wrowe@xxxxxxxxxx> ---
[I'll note that in the discussion above "it doesn't work" wasn't particularly
insightful - is this a crash-bug, or what specifically does not work?]

Not a solution, but explaining what might be going on so that the underlying
defect is fixed. First off, the docs are wrong:

Syntax: RemoteIPInternalProxyList filename
Syntax: RemoteIPTrustedProxyList filename
Context: server config, virtual host

Because these two directives run on exec (after preconfig, prior to other
directives), the scope is actually *server config*. When I authored this
module, the expectation was that RemoteIPTrustedProxyList would be some
monster list, e.g.

  https://meta.wikimedia.org/wiki/XFF_project#Trusted_XFF_list

so it was never envisioned that a specific machine would trust anything
other than its physical traffic config (Internal) or some list that delays
startup for a minute or more (unless pre-piped through logresolve for dns
resolution).

I suspect everyone reporting a defect has their list directive within some
virtual host and expected that to be honored for the specific host. As it
is, all of the named lists are cumulative to the global server config. Specific
internal+proxy trust in a specific vhost config overrides global config - it
doesn't supplement it.

That could arguably be changed, given multi-tenant needs today. It could
also be changed to merge a global list with the per-server list during the
config merge, which makes far more sense than simply changing this behavior to
ignore the global lists, unannounced.

Now... going back to the reports above, the comment is that the directive "does not
work". We need to know: does the list directive cause a crash? Or are the IPs
listed in those list directives ignored?

If this is simply ignoring global trusted/internal List, note that every PROXY
related directive now causes a virtual host config to come into existence. I
have no explanation yet how the pre/post configs introduced to this module have
impacted the creation of vhost configs and altered the behavior of the List
directives, but that would be the starting point. Someone hitting such a
behavior should be sharing a simple config example of how they encountered
this, with relevant vhosts/remoteip directives.

If this were a crash, this means that every affected server has a global config
with perhaps nothing more than one or multiple trusted/internal lists, and (I
am guessing) further config that affects only intended virtual hosts, but is
undefined for the global host. Note the global config values are all
initialized to 0/NULL, so any exception begins there. Someone hitting such a
crash needs to share the backtrace, please:
https://httpd.apache.org/dev/debugging.html#crashes

Note that no flags were merged for PROXY protocol handling in the initial
merge_remoteip_server_config(), leading to some likely confusion. Also note
that with the introduction of the PROXY filter, during early processing the
server config loaded is the global config (ap_server_conf) and not the
applicable physical vhost. This may or may not be relevant. This code also
introduces some interesting pre/post config side effects by replacing
default behavior.
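To make the two merge semantics discussed in this comment concrete, here is an added illustration (not httpd or mod_remoteip code) that models a vhost proxy list either overriding or supplementing the global list, then walks an X-Forwarded-For chain the way a remoteip-style module would; the address ranges and header are constructed.

```python
# Added illustration, not httpd source: models the config-merge semantics
# described above (vhost list overrides global vs. global+vhost merged) and
# shows how the resolved client address differs. All addresses are constructed.
import ipaddress
from typing import Iterable, List, Optional


def _nets(cidrs: Iterable[str]):
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def merge_lists(global_list: List[str], vhost_list: Optional[List[str]],
                supplement: bool) -> List[str]:
    """Current behaviour described in the comment: a vhost list, when present,
    replaces the global list. Proposed alternative: merge global + per-server."""
    if vhost_list is None:
        return list(global_list)
    return list(global_list) + list(vhost_list) if supplement else list(vhost_list)


def resolve_client(remote_addr: str, xff: str, trusted: List[str]) -> str:
    """Walk X-Forwarded-For from the right: while the address we hold belongs to
    a trusted/internal proxy, replace it with the next hop to its left.
    The first untrusted hop is reported as the client."""
    nets = _nets(trusted)
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    current = remote_addr
    while hops and any(ipaddress.ip_address(current) in n for n in nets):
        current = hops.pop()
    return current


def demo():
    global_internal = ["10.0.0.0/8"]       # LB tier, listed in server config
    vhost_trusted = ["203.0.113.0/24"]     # CDN range, listed only in a vhost
    # Constructed request: client -> CDN 203.0.113.9 -> LB 10.0.0.5 -> httpd
    xff = "198.51.100.7, 203.0.113.9"
    remote = "10.0.0.5"
    override = resolve_client(remote, xff,
                              merge_lists(global_internal, vhost_trusted, False))
    merged = resolve_client(remote, xff,
                            merge_lists(global_internal, vhost_trusted, True))
    return override, merged


if __name__ == "__main__":
    # Override semantics lose the global internal list, so the LB address is
    # reported as the client; merged semantics recover the real client.
    print(demo())
```

With override semantics the load balancer's own address is what gets logged and rate-limited, which is exactly the "list directive does not work" symptom a vhost-scoped list would produce.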
