Re: Here is a patch for correct X-Forwarded-For: headers

While trying to reproduce the problem for C. Carstensen,
we have figured out the problem did only appear with very few
simultaous connections. But on our server there is at daytime
always a minimum of 150 clients. I did not try it at night.

We have started a second pen (same binary) on a separat port for testing,
(maximum 4 simultanous clients) but the problem did not appear here.

First we thought it was because Mozilla browsers never send post
requests inside one tcp packet. But the first patch C. has written for us
did not work, thats why packet fragmentation seems to be not the only problem:

*** pen.c.orig Wed Mar 8 03:28:45 2006
--- pen.c Wed Mar 8 03:28:50 2006
***************
*** 832,847 ****
          char *q;
          char p[BUFFER_MAX];
          int pl;
  
          b[n] = '\0';
  
          if (debuglevel > 1) debug("rewrite_request(%d, %d, %s)", i, n, b);
  
! if (pen_strncasecmp(b, "GET ", 4) &&
! pen_strncasecmp(b, "POST ", 5) &&
! pen_strncasecmp(b, "HEAD ", 5)) {
! return n; /* You can't touch this */
          }
          if (debuglevel) debug("Looking for CRLFCRLF");
          q = strstr(b, "\r\n\r\n");
          /* Steve Hall <steveh_at_intrapower.com.au> tells me that
--- 832,851 ----
          char *q;
          char p[BUFFER_MAX];
          int pl;
+ static int in_header = 0;
  
          b[n] = '\0';
  
          if (debuglevel > 1) debug("rewrite_request(%d, %d, %s)", i, n, b);
  
! if (!(pen_strncasecmp(b, "GET ", 4) &&
! pen_strncasecmp(b, "POST ", 5) &&
! pen_strncasecmp(b, "HEAD ", 5))) {
! in_header = 1;
! } else if (!in_header) {
! return n;
          }
+
          if (debuglevel) debug("Looking for CRLFCRLF");
          q = strstr(b, "\r\n\r\n");
          /* Steve Hall <steveh_at_intrapower.com.au> tells me that
***************
*** 854,859 ****
--- 858,866 ----
  #if 0 /* how is that supposed to happen? */
          if (q >= b+n) return n; /* outside of buffer */
  #endif
+
+ in_header = 0;
+
          /* Look for existing X-Forwarded-For */
          if (debuglevel) debug("Looking for X-Forwarded-For");
  

I'm glad you want to include the other patch or parts of it
in a future release.

Regards
Sirko Zidlewitz

--
/7\ bytecamp GmbH / Managing Director
Geschwister-Scholl-Str. 10, 14776 Brandenburg a.d. Havel, Germany
tel +49 3381 79637-0 werktags 10-12,13-17 Uhr, fax +49 3381 79637-20
mail sz@bytecamp.net, web http://bytecamp.net/