diff options
| author | Roger Dingledine <arma@torproject.org> | 2007-02-07 03:40:06 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2007-02-07 03:40:06 +0000 |
| commit | 7828927a58a2c06befe51b502b4f380b9bc53709 (patch) | |
| tree | d21b0ebbdab3edcad8a2d0d50456f2df6d41fbe9 /src | |
| parent | 690c9cc887b0e25a76f7e9155487d05a3c9ca9bb (diff) | |
| download | tor-7828927a58a2c06befe51b502b4f380b9bc53709.tar.gz tor-7828927a58a2c06befe51b502b4f380b9bc53709.zip | |
Only rewrite a conn's address based on X-Forwarded-For: headers
if it's a parseable public IP address; and stop adding extra quotes
to the resulting address.
svn:r9505
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/directory.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index 1b5468bd93..e181fa8fbd 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -708,8 +708,14 @@ http_set_address_origin(const char *headers, connection_t *conn) if (!fwd) fwd = http_get_header(headers, "X-Forwarded-For: "); if (fwd) { + struct in_addr in; + if (!tor_inet_aton(fwd, &in) || is_internal_IP(ntohl(in.s_addr), 0)) { + log_debug(LD_DIR, "Ignoring unrecognized or internal IP '%s'", fwd); + tor_free(fwd); + return; + } tor_free(conn->address); - conn->address = tor_strdup(escaped(fwd)); + conn->address = tor_strdup(fwd); tor_free(fwd); } } |