Merge tag 'upstream/0.2'
Upstream version 0.2
This commit is contained in:
commit
1cf12e925f
@ -7,8 +7,10 @@ compiler:
|
||||
install:
|
||||
# for unit tests
|
||||
- sudo apt-get install -y check
|
||||
- sudo apt-get install -y libsubunit-dev
|
||||
# for static code analysis
|
||||
- sudo apt-get install -y cppcheck rats
|
||||
# - sudo apt-get install -y cppcheck
|
||||
# - sudo apt-get install -y rats
|
||||
# for test code coverage
|
||||
- sudo apt-get install -y lcov
|
||||
- gem install coveralls-lcov
|
||||
@ -23,8 +25,8 @@ script:
|
||||
- git clone --depth 10 https://github.com/proftpd/proftpd.git
|
||||
- cp mod_proxy_protocol.c proftpd/contrib/
|
||||
- cd proftpd
|
||||
- ./configure LIBS="-lm -lrt -pthread" --enable-devel=coverage --enable-tests --with-module=mod_proxy_protocol
|
||||
- ./configure LIBS="-lm -lsubunit -lrt -pthread" --enable-devel=coverage --enable-tests --with-module=mod_proxy_protocol
|
||||
- make
|
||||
- make clean
|
||||
- ./configure LIBS="-lm -lrt -pthread" --enable-devel=coverage --enable-dso --enable-tests --with-shared=mod_proxy_protocol
|
||||
- ./configure LIBS="-lm -lsubunit -lrt -pthread" --enable-devel=coverage --enable-dso --enable-tests --with-shared=mod_proxy_protocol
|
||||
- make
|
||||
|
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* ProFTPD - mod_proxy_protocol
|
||||
* Copyright (c) 2013-2017 TJ Saunders
|
||||
* Copyright (c) 2013-2020 TJ Saunders
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -26,7 +26,11 @@
|
||||
#include "conf.h"
|
||||
#include "privs.h"
|
||||
|
||||
#define MOD_PROXY_PROTOCOL_VERSION "mod_proxy_protocol/0.1"
|
||||
#ifdef HAVE_SYS_UIO_H
|
||||
# include <sys/uio.h>
|
||||
#endif /* HAVE_SYS_UIO_H */
|
||||
|
||||
#define MOD_PROXY_PROTOCOL_VERSION "mod_proxy_protocol/0.2"
|
||||
|
||||
/* Make sure the version of proftpd is as necessary. */
|
||||
#if PROFTPD_VERSION_NUMBER < 0x0001030504
|
||||
|
@ -140,6 +140,27 @@ of <code>LoadModule</code> directives; the last of which would be:
|
||||
LoadModule mod_proxy_protocol.c
|
||||
</pre>
|
||||
|
||||
<b>Note</b> that using <code>mod_proxy_protocol</code> as a shared module
|
||||
is <i>required</i> in cases where you want to use both
|
||||
<code>mod_proxy_protocol</code> <i>and</i> <code>mod_ifsession</code>. For
|
||||
example, perhaps you want to use <code>mod_ifsession</code> to change the
|
||||
behavior of some module, <i>e.g.</i> <code>mod_ban</code>, based on the IP
|
||||
address of the original client. This means that <code>mod_proxy_protocol</code>
|
||||
would need to hande the connection <i>first</i>, so that it can decode the
|
||||
<code>PROXY</code> protocol and set the correct client IP address.
|
||||
<i>However</i>, the ProFTPD build system is hardcoded to ensure that the
|
||||
<code>mod_ifsession</code> will always be first -- <i>if</i> using static
|
||||
modules. By using <i>shared</i> modules, you can enforce the proper ordering
|
||||
using the <code>LoadModule</code> directive, like so:
|
||||
<pre>
|
||||
<IfModule mod_dso.c>
|
||||
...
|
||||
LoadModule mod_ifsession.c
|
||||
LoadModule mod_proxy_protocol.c
|
||||
</IfModule>
|
||||
</pre>
|
||||
The <i>last</i> module loaded will be the <i>first</i> module called.
|
||||
|
||||
<p>
|
||||
<b>Trusting Senders of Proxy Data</b><br>
|
||||
Use of these proxy protocols means changes in audit trails and/or client
|
||||
@ -227,11 +248,10 @@ to your existing server:
|
||||
<p>
|
||||
<hr>
|
||||
<font size=2><b><i>
|
||||
© Copyright 2013-2017 TJ Saunders<br>
|
||||
© Copyright 2013-2019 TJ Saunders<br>
|
||||
All Rights Reserved<br>
|
||||
</i></b></font>
|
||||
|
||||
<hr>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user