diff --git a/docs/manual/mod/mpm_common.xml b/docs/manual/mod/mpm_common.xml index be8a2ff5b2..2d27f1a1fe 100644 --- a/docs/manual/mod/mpm_common.xml +++ b/docs/manual/mod/mpm_common.xml @@ -659,6 +659,28 @@ Apache HTTP Server + +TTLimit +Maximum TTL value which will be accepted +TTLimit number +TTLimit 0 +server config +eventworker +preforkmpm_winnt +mpm_netwarempmt_os2 + + + +

Enabling this feature prevents attempts to bypass the frontend proxy layer. + If set to a value larger than 0, it won't accept any requests if TTL is + larger than specified.

+ +

For example, if TTLimit is set to 1, then requests will be handled only + from a local network. In other words, no more than one hop. +

+
+
+ ServerLimit Upper limit on configurable number of processes diff --git a/include/ap_listen.h b/include/ap_listen.h index 2329cae70c..13c1e52ec2 100644 --- a/include/ap_listen.h +++ b/include/ap_listen.h @@ -146,6 +146,7 @@ AP_DECLARE_NONSTD(int) ap_close_selected_listeners(ap_slave_t *); * LISTEN_COMMANDS in their command_rec table so that these functions are * called. */ +AP_DECLARE_NONSTD(const char *) ap_set_ttl_limit(cmd_parms *cmd, void *dummy, const char *arg); AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd, void *dummy, const char *arg); AP_DECLARE_NONSTD(const char *) ap_set_listencbratio(cmd_parms *cmd, void *dummy, const char *arg); AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy, @@ -161,6 +162,8 @@ AP_DECLARE_NONSTD(const char *) ap_set_accept_errors_nonfatal(cmd_parms *cmd, int flag); #define LISTEN_COMMANDS \ +AP_INIT_TAKE1("TTLimit", ap_set_ttl_limit, NULL, RSRC_CONF, \ + "Maximum TTL value which will be accepted"), \ AP_INIT_TAKE1("ListenBacklog", ap_set_listenbacklog, NULL, RSRC_CONF, \ "Maximum length of the queue of pending connections, as used by listen(2)"), \ AP_INIT_TAKE1("ListenCoresBucketsRatio", ap_set_listencbratio, NULL, RSRC_CONF, \ diff --git a/server/listen.c b/server/listen.c index 991a3f2c30..6ec737237a 100644 --- a/server/listen.c +++ b/server/listen.c @@ -63,6 +63,7 @@ AP_DECLARE_DATA int ap_have_so_reuseport = -1; AP_DECLARE_DATA int ap_accept_errors_nonfatal = 0; static ap_listen_rec *old_listeners; +static int ap_ttl_limit; static int ap_listenbacklog; static int ap_listencbratio; static int send_buffer_size; 
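Review bot: The help string added to LISTEN_COMMANDS, `"Maximum TTL value which will be accepted"`, describes a check on incoming packets, but the value is consumed in server/listen.c by setting IP_TTL on the listening socket, which is the hop limit of the server's own outgoing packets; nothing in this change reads the TTL of anything received. A distant client is cut off because the server's replies presumably expire in transit, not because its request is rejected, so the directive bounds reachability rather than filtering requests. Suggest `"Hop limit (IP_TTL) applied to listening sockets; replies expire after this many hops"` here, and the same correction to the mpm_common.xml text, which makes the same "won't accept any requests" claim.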
@@ -215,6 +216,21 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server, int do_bind_
 }
 }
 
+ if (ap_ttl_limit) {
+ int thesock;
+
+ apr_os_sock_get(&thesock, s);
+ if (setsockopt(thesock, IPPROTO_IP, IP_TTL,
+ &ap_ttl_limit, sizeof(int)) < 0) {
+ stat = apr_get_netos_error();
+ ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02638)
+ "make_sock: for address %pI, apr_socket_opt_set: (IP_TTL)"
+ server->bind_addr);
+ apr_socket_close(s);
+ return stat;
+ }
+ }
+
 #ifdef WIN32
 /* I seriously doubt that this would work on Unix; I have doubts that
 * it entirely solves the problem on Win32. However, since setting
@@ -989,6 +1005,7 @@ AP_DECLARE(void) ap_listen_pre_config(void)
 ap_listen_buckets = NULL;
 ap_num_listen_buckets = 0;
 ap_listenbacklog = DEFAULT_LISTENBACKLOG;
+ ap_ttl_limit = 0;
 ap_listencbratio = 0;
 
 /* Check once whether or not SO_REUSEPORT is supported. */
@@ -1178,6 +1195,25 @@ AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
 return NULL;
 }
 
+AP_DECLARE_NONSTD(const char *) ap_set_ttl_limit(cmd_parms *cmd,
+ void *dummy,
+ const char *arg)
+{
+ int b;
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL)
+ return err;
+
+ b = atoi(arg);
+ if (b < 1 || b > 255)
+ return "TTLimit > 0 and TTLimit < 255";
+
+ ap_ttl_limit = b;
+
+ return NULL;
+}
+
 AP_DECLARE_NONSTD(const char *) ap_set_listencbratio(cmd_parms *cmd,
 void *dummy,
 const char *arg)
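Review bot: The ap_log_perror call in the new block has no comma between the format string and `server->bind_addr`, so as written the hunk does not compile (a string literal directly followed by an identifier); the line should read `"make_sock: for address %pI, setsockopt: (IP_TTL)",` — also replacing "apr_socket_opt_set" in the message, since the call made here is a raw setsockopt. Separately, the option is applied as `IPPROTO_IP`/`IP_TTL` regardless of the listener's address family; on an IPv6 listener that call can fail, and because the failure path closes the socket and returns, setting TTLimit would then prevent such a listener from starting. The family should be checked and `IPPROTO_IPV6`/`IPV6_UNICAST_HOPS` used for IPv6 sockets, as sketched below. make_sock's body continues outside the hunk.
```c
    if (ap_ttl_limit) {
        int thesock;
        int level = IPPROTO_IP;
        int optname = IP_TTL;

        apr_os_sock_get(&thesock, s);
#if APR_HAVE_IPV6
        /* IP_TTL only governs v4 sockets; v6 uses the unicast hop limit. */
        if (server->bind_addr->family == APR_INET6) {
            level = IPPROTO_IPV6;
            optname = IPV6_UNICAST_HOPS;
        }
#endif
        if (setsockopt(thesock, level, optname,
                       &ap_ttl_limit, sizeof(int)) < 0) {
            stat = apr_get_netos_error();
            ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02638)
                          "make_sock: for address %pI, setsockopt: (IP_TTL)",
                          server->bind_addr);
            /* … unchanged: apr_socket_close(s); return stat; … */
        }
    }
```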
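Review bot: In ap_set_ttl_limit the rejection message `"TTLimit > 0 and TTLimit < 255"` contradicts the check `b < 1 || b > 255`, which accepts 255; the message should state the real bounds, e.g. `return "TTLimit must be an integer between 1 and 255";`. The value is also parsed with atoi, which silently accepts trailing garbage such as `64x` and gives no error indication for non-numeric input beyond returning 0; strtol with an end-pointer check would let the directive reject malformed values explicitly rather than by accident of the range test. A short comment above the assignment noting that the value is later applied as the socket hop limit in make_sock would help readers of this file.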