commit ghc-http-reverse-proxy for openSUSE:Factory
![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community, here is the log from the commit of package ghc-http-reverse-proxy for openSUSE:Factory checked in at 2017-04-11 09:42:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-http-reverse-proxy (Old) and /work/SRC/openSUSE:Factory/.ghc-http-reverse-proxy.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ghc-http-reverse-proxy" Tue Apr 11 09:42:36 2017 rev:3 rq:485134 version:0.4.3.3 Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-http-reverse-proxy/ghc-http-reverse-proxy.changes 2016-11-10 13:22:04.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.ghc-http-reverse-proxy.new/ghc-http-reverse-proxy.changes 2017-04-11 09:42:38.678427691 +0200 @@ -1,0 +2,5 @@ +Mon Mar 27 12:38:39 UTC 2017 - psimons@suse.com + +- Update to version 0.4.3.3 with cabal2obs. + +------------------------------------------------------------------- Old: ---- http-reverse-proxy-0.4.3.2.tar.gz New: ---- http-reverse-proxy-0.4.3.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-http-reverse-proxy.spec ++++++ --- /var/tmp/diff_new_pack.VPLh3w/_old 2017-04-11 09:42:39.310338425 +0200 +++ /var/tmp/diff_new_pack.VPLh3w/_new 2017-04-11 09:42:39.314337861 +0200 @@ -1,7 +1,7 @@ # # spec file for package ghc-http-reverse-proxy # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %global pkg_name http-reverse-proxy %bcond_with tests Name: ghc-%{pkg_name} -Version: 0.4.3.2 +Version: 0.4.3.3 Release: 0 Summary: Reverse proxy HTTP requests, either over raw sockets or with WAI License: BSD-3-Clause ++++++ http-reverse-proxy-0.4.3.2.tar.gz -> http-reverse-proxy-0.4.3.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/http-reverse-proxy-0.4.3.2/ChangeLog.md new/http-reverse-proxy-0.4.3.3/ChangeLog.md --- old/http-reverse-proxy-0.4.3.2/ChangeLog.md 2016-10-27 18:16:44.000000000 +0200 +++ new/http-reverse-proxy-0.4.3.3/ChangeLog.md 2017-03-13 11:19:52.000000000 +0100 @@ -1,3 +1,7 @@ +## 0.4.3.3 + +* `fixReqHeaders` may create weird `x-real-ip` header [#19](https://github.com/fpco/http-reverse-proxy/issues/19) + ## 0.4.3.2 * Minor doc cleanup diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/http-reverse-proxy-0.4.3.2/Network/HTTP/ReverseProxy.hs new/http-reverse-proxy-0.4.3.3/Network/HTTP/ReverseProxy.hs --- old/http-reverse-proxy-0.4.3.2/Network/HTTP/ReverseProxy.hs 2016-10-16 09:35:53.000000000 +0200 +++ new/http-reverse-proxy-0.4.3.3/Network/HTTP/ReverseProxy.hs 2017-03-13 11:18:23.000000000 +0100 @@ -58,13 +58,15 @@ import Data.Default.Class (Default (..), def) import Data.Functor.Identity (Identity (..)) import Data.IORef -import Data.Maybe (fromMaybe) +import Data.Maybe (fromMaybe, listToMaybe) import Data.Monoid (mappend, mconcat, (<>)) import Data.Set (Set) import qualified Data.Set as Set import Data.Streaming.Network (AppData, readLens) import qualified Data.Text.Lazy as TL import qualified Data.Text.Lazy.Encoding as TLE +import qualified Data.Text as T +import qualified Data.Text.Encoding as TE import Data.Word8 (isSpace, _colon, _cr) import Network.HTTP.Client (BodyReader, brRead) import qualified Network.HTTP.Client as HC @@ -319,11 +321,14 @@ $ WAI.requestHeaders req where fromSocket = (("X-Real-IP", S8.pack $ showSockAddr $ WAI.remoteHost req):) + fromForwardedFor = do + h <- lookup "x-forwarded-for" (WAI.requestHeaders req) + listToMaybe $ map (TE.encodeUtf8 . T.strip) $ T.splitOn "," $ TE.decodeUtf8 h addXRealIP = case wpsSetIpHeader wps of SIHFromSocket -> fromSocket SIHFromHeader -> - case lookup "x-real-ip" (WAI.requestHeaders req) <|> lookup "X-Forwarded-For" (WAI.requestHeaders req) of + case lookup "x-real-ip" (WAI.requestHeaders req) <|> fromForwardedFor of Nothing -> fromSocket Just ip -> (("X-Real-IP", ip):) SIHNone -> id diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/http-reverse-proxy-0.4.3.2/http-reverse-proxy.cabal new/http-reverse-proxy-0.4.3.3/http-reverse-proxy.cabal --- old/http-reverse-proxy-0.4.3.2/http-reverse-proxy.cabal 2016-10-27 18:16:36.000000000 +0200 +++ new/http-reverse-proxy-0.4.3.3/http-reverse-proxy.cabal 2017-03-13 11:19:23.000000000 +0100 @@ -1,5 +1,5 @@ name: http-reverse-proxy -version: 0.4.3.2 +version: 0.4.3.3 synopsis: Reverse proxy HTTP requests, either over raw sockets or with WAI description: Provides a simple means of reverse-proxying HTTP requests. The raw approach uses the same technique as leveraged by keter, whereas the WAI approach performs full request/response parsing via WAI and http-conduit. homepage: https://github.com/fpco/http-reverse-proxy diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/http-reverse-proxy-0.4.3.2/test/main.hs new/http-reverse-proxy-0.4.3.3/test/main.hs --- old/http-reverse-proxy-0.4.3.2/test/main.hs 2015-11-19 09:43:32.000000000 +0100 +++ new/http-reverse-proxy-0.4.3.3/test/main.hs 2017-03-13 11:18:23.000000000 +0100 @@ -1,6 +1,7 @@ {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE ScopedTypeVariables #-} import Blaze.ByteString.Builder (fromByteString) +import Control.Applicative ((<$>)) import Control.Concurrent (forkIO, killThread, newEmptyMVar, putMVar, takeMVar, threadDelay) import Control.Exception (IOException, bracket, @@ -8,6 +9,7 @@ import Control.Monad (forever, unless) import Control.Monad.IO.Class (liftIO) import Control.Monad.Trans.Resource (runResourceT) +import Data.Maybe (fromMaybe) import qualified Data.ByteString as S import qualified Data.ByteString.Char8 as S8 import qualified Data.ByteString.Lazy.Char8 as L8 @@ -27,11 +29,15 @@ import Network.HTTP.ReverseProxy (ProxyDest (..), WaiProxyResponse (..), defaultOnExc, rawProxyTo, + WaiProxySettings (..), + SetIpHeader (..), + def, + waiProxyToSettings, waiProxyTo) import Network.HTTP.Types (status200, status500) import Network.Socket (sClose) import Network.Wai (rawPathInfo, responseLBS, - responseStream) + responseStream, requestHeaders) import qualified Network.Wai import Network.Wai.Handler.Warp (defaultSettings, runSettings, setBeforeMainLoop, setPort) @@ -155,6 +161,48 @@ yield "GET / HTTP/1.1\r\nUpgrade: websockET\r\n\r\n" $$ appSink ad yield "hello" $$ appSink ad (appSource ad $$ CB.take 5) >>= (`shouldBe` "HELLO") + it "get real ip" $ + let getRealIp req = L8.fromStrict $ fromMaybe "" $ lookup "x-real-ip" (requestHeaders req) + httpWithForwardedFor url = liftIO $ do + man <- HC.newManager HC.tlsManagerSettings + oreq <- liftIO $ HC.parseUrl url + let req = oreq { HC.requestHeaders = [("X-Forwarded-For", "127.0.1.1, 127.0.0.1"), ("Connection", "close")] } + HC.responseBody <$> HC.httpLbs req man + waiProxyTo' getDest onError = waiProxyToSettings getDest def { wpsOnExc = onError, wpsSetIpHeader = SIHFromHeader } + in withMan $ \manager -> + withWApp (\r f -> f $ responseLBS status200 [] $ getRealIp r ) $ \port1 -> + withWApp (waiProxyTo' (const $ return $ WPRProxyDest $ ProxyDest "127.0.0.1" port1) defaultOnExc manager) $ \port2 -> + withCApp (rawProxyTo (const $ return $ Right $ ProxyDest "127.0.0.1" port2)) $ \port3 -> do + lbs <- httpWithForwardedFor $ "http://127.0.0.1:" ++ show port3 + lbs `shouldBe` "127.0.1.1" + it "get real ip 2" $ + let getRealIp req = L8.fromStrict $ fromMaybe "" $ lookup "x-real-ip" (requestHeaders req) + httpWithForwardedFor url = liftIO $ do + man <- HC.newManager HC.tlsManagerSettings + oreq <- liftIO $ HC.parseUrl url + let req = oreq { HC.requestHeaders = [("X-Forwarded-For", "127.0.1.1"), ("Connection", "close")] } + HC.responseBody <$> HC.httpLbs req man + waiProxyTo' getDest onError = waiProxyToSettings getDest def { wpsOnExc = onError, wpsSetIpHeader = SIHFromHeader } + in withMan $ \manager -> + withWApp (\r f -> f $ responseLBS status200 [] $ getRealIp r ) $ \port1 -> + withWApp (waiProxyTo' (const $ return $ WPRProxyDest $ ProxyDest "127.0.0.1" port1) defaultOnExc manager) $ \port2 -> + withCApp (rawProxyTo (const $ return $ Right $ ProxyDest "127.0.0.1" port2)) $ \port3 -> do + lbs <- httpWithForwardedFor $ "http://127.0.0.1:" ++ show port3 + lbs `shouldBe` "127.0.1.1" + it "get real ip 3" $ + let getRealIp req = L8.fromStrict $ fromMaybe "" $ lookup "x-real-ip" (requestHeaders req) + httpWithForwardedFor url = liftIO $ do + man <- HC.newManager HC.tlsManagerSettings + oreq <- liftIO $ HC.parseUrl url + let req = oreq { HC.requestHeaders = [("Connection", "close")] } + HC.responseBody <$> HC.httpLbs req man + waiProxyTo' getDest onError = waiProxyToSettings getDest def { wpsOnExc = onError, wpsSetIpHeader = SIHFromHeader } + in withMan $ \manager -> + withWApp (\r f -> f $ responseLBS status200 [] $ getRealIp r ) $ \port1 -> + withWApp (waiProxyTo' (const $ return $ WPRProxyDest $ ProxyDest "127.0.0.1" port1) defaultOnExc manager) $ \port2 -> + withCApp (rawProxyTo (const $ return $ Right $ ProxyDest "127.0.0.1" port2)) $ \port3 -> do + lbs <- httpWithForwardedFor $ "http://127.0.0.1:" ++ show port3 + lbs `shouldBe` "127.0.0.1" {- FIXME describe "waiToRaw" $ do it "works" $ do
participants (1)
-
root@hilbert.suse.de