--- modules/metadata/mod_remoteip.c Wed Jun 6 21:04:45 2018
+++ modules/metadata/mod_remoteip.c Mon Dec 17 17:50:13 2018
@@ -55,6 +55,11 @@
* (removed as the physical connection and
* from the proxy-via IP header value list)
*/
+ const char *header_scheme;
+ /** A header to record the proxied scheme
+ * (removed as the physical connection and
+ * from the proxy-via IP header value list)
+ */
const char *proxies_header_name;
/** A list of trusted proxies, ideally configured
* with the most commonly encountered listed first
@@ -154,6 +159,7 @@
remoteip_config_t *config = apr_pcalloc(p, sizeof(*config));
config->disabled_subnets = apr_array_make(p, 1, sizeof(apr_ipsubnet_t *));
/* config->header_name = NULL;
+ * config->header_scheme = NULL;
* config->proxies_header_name = NULL;
* config->proxy_protocol_enabled = NULL;
* config->proxy_protocol_disabled = NULL;
@@ -173,6 +179,9 @@
config->header_name = server->header_name
? server->header_name
: global->header_name;
+ config->header_scheme = server->header_scheme
+ ? server->header_scheme
+ : global->header_scheme;
config->proxies_header_name = server->proxies_header_name
? server->proxies_header_name
: global->proxies_header_name;
@@ -191,6 +200,15 @@
return NULL;
}
+static const char *scheme_name_set(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ remoteip_config_t *config = ap_get_module_config(cmd->server->module_config,
+ &remoteip_module);
+ config->header_scheme = arg;
+ return NULL;
+}
+
static const char *proxies_header_name_set(cmd_parms *cmd, void *dummy,
const char *arg)
{
@@ -529,6 +547,7 @@
apr_status_t rv;
char *remote;
+ char *scheme;
char *proxy_ips = NULL;
char *parse_remote;
char *eos;
@@ -739,6 +758,11 @@
r->useragent_addr = req->useragent_addr;
r->useragent_ip = req->useragent_ip;
+ if (config->header_name) {
+ scheme = (char *) apr_table_get(r->headers_in, config->header_scheme);
+ if (scheme && strcmp(scheme, "https") == 0)
+ r->server->server_scheme = scheme;
+ }
ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
req->proxy_ips
@@ -1199,6 +1223,9 @@
AP_INIT_TAKE1("RemoteIPHeader", header_name_set, NULL, RSRC_CONF,
"Specifies a request header to trust as the client IP, "
"e.g. X-Forwarded-For"),
+ AP_INIT_TAKE1("RemoteIPProtoHeader", scheme_name_set, NULL, RSRC_CONF,
+ "Specifies a request header to trust as the client scheme, "
+ "e.g. X-Forwarded-Proto"),
AP_INIT_TAKE1("RemoteIPProxiesHeader", proxies_header_name_set,
NULL, RSRC_CONF,
"Specifies a request header to record proxy IP's, "
--- docs/manual/mod/mod_remoteip.xml (revision 1849285)
+++ docs/manual/mod/mod_remoteip.xml (working copy)
@@ -123,7 +123,6 @@
The