[PATCH] Keep remote port unchanged if real address doesn't contain a port.
Zexuan Luo
spacewanderlzx at gmail.com
Mon Jan 20 12:27:42 UTC 2020
# HG changeset patch
# User spacewander <spacewanderlzx at gmail.com>
# Date 1579523127 -28800
# Mon Jan 20 20:25:27 2020 +0800
# Branch ident
# Node ID 86dbfc59e9c01608244c4fdc0d9a87fd9d330648
# Parent 4fb5603514f2d324c50cb7e12c6ed0dc8935de0f
Keep remote port unchanged if real address doesn't contain a port.
Previously, when the request comes from a trusted address and it doesn't
contain
the port part, the $remote_port will be empty.
This change has two advantages:
1. no need to write your own fallback with $remote_port and
$realip_remote_port.
2. the $remote_port in the existent code doesn't need to be changed.
diff -r 4fb5603514f2 -r 86dbfc59e9c0 src/http/ngx_http_core_module.c
--- a/src/http/ngx_http_core_module.c Thu Apr 18 17:59:00 2019 +0800
+++ b/src/http/ngx_http_core_module.c Mon Jan 20 20:25:27 2020 +0800
@@ -2683,6 +2683,12 @@
return NGX_DECLINED;
}
+ in_port_t port = ngx_inet_get_port(paddr.sockaddr);
+ if (port == 0) {
+ port = ngx_inet_get_port(addr->sockaddr);
+ ngx_inet_set_port(paddr.sockaddr, port);
+ }
+
*addr = paddr;
if (recursive && p > xff) {
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20200120/b235a496/attachment.htm>
More information about the nginx-devel
mailing list