[OpenSRF-GIT] OpenSRF branch master updated. 51a4651186c94686051262a9255d165eadd4f049

Evergreen Git git at git.evergreen-ils.org
Mon Nov 5 11:44:37 EST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSRF".

The branch, master has been updated
       via  51a4651186c94686051262a9255d165eadd4f049 (commit)
      from  1423787b6076daeb18176e907b1ed307255ffbcb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 51a4651186c94686051262a9255d165eadd4f049
Author: Bill Erickson <berickxx at gmail.com>
Date:   Mon Aug 27 10:12:57 2018 -0400

    LP#1684970 Translator compatible with mod_remoteip
    
    Teach the OSRF Translator to request the IP address of the user agent
    (e.g. web browser) instead of the IP address of the up stream client,
    which may be a proxy, using the Apache 2.4 request_rec->useragent_ip
    value.
    
    http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html
    
    This make is possible for the translator to access the client IP with
    Apache's mod_remoteip enabled and configured.
    
    Includes sample config and install documentation.
    
    Signed-off-by: Bill Erickson <berickxx at gmail.com>
    Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>

diff --git a/README b/README
index 2abbc83..2b74eed 100644
--- a/README
+++ b/README
@@ -579,6 +579,23 @@ sudo -b /usr/local/bin/websocketd --port 7682 --ssl --sslcert=/etc/apache2/ssl/s
      --sslkey=/etc/apache2/ssl/server.key /openils/bin/osrf-websocket-stdio
 ---------------------------------------------------------------------------
 
+Optional: Using a web proxy (Apache 2.4 and above)
+--------------------------------------------------
+When the OpenSRF HTTP Translator runs behind a proxy, Apache must be 
+configured to read the IP address of the originating client instead
+of the proxy IP address.  
+
+1. Enable mod_remoteip
++
+[source,bash]
+---------------------------------------------------------------------------
+sudo a2enmod remoteip
+---------------------------------------------------------------------------
++
+2. Enable remote IP settings by uncommenting and modifying as needed the 
+Apache configuration variables starting with RemoteIP* in the sample Apache
+configuration file opensrf.conf.
+
 Optional: Using NGINX as a proxy
 --------------------------------
 NGINX can be used to proxy HTTP, HTTPS, and WebSockets traffic. Among other
diff --git a/src/gateway/osrf_http_translator.c b/src/gateway/osrf_http_translator.c
index 789aaae..ec8a685 100644
--- a/src/gateway/osrf_http_translator.c
+++ b/src/gateway/osrf_http_translator.c
@@ -119,7 +119,7 @@ static osrfHttpTranslator* osrfNewHttpTranslator(request_rec* apreq) {
     trans->connecting = 0;
     trans->disconnecting = 0;
 #ifdef APACHE_MIN_24
-    trans->remoteHost = apreq->connection->client_ip;
+    trans->remoteHost = apreq->useragent_ip;
 #else
     trans->remoteHost = apreq->connection->remote_ip;
 #endif

-----------------------------------------------------------------------

Summary of changes:
 README                             |   17 +++++++++++++++++
 src/gateway/osrf_http_translator.c |    2 +-
 2 files changed, 18 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
OpenSRF


More information about the opensrf-commits mailing list