[meek/master] Recognize Meek-IP as a synonym of X-Forwarded-For.

20 Dec 2015

commit edcca4e9f53a2858325dedf901bef54d4d9a8b71
Author: David Fifield <david@bamsoftware.com>
Date:   Mon Dec 14 01:55:10 2015 -0800

    Recognize Meek-IP as a synonym of X-Forwarded-For.
    
    With higher precedence.
---
 meek-server/useraddr.go      |    5 ++++-
 meek-server/useraddr_test.go |   34 +++++++++++++++++++++++++++++++++-
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/meek-server/useraddr.go b/meek-server/useraddr.go
index 680a6d8..a01944b 100644
--- a/meek-server/useraddr.go
+++ b/meek-server/useraddr.go
@@ -29,7 +29,10 @@ func originalClientIP(req *http.Request) (net.IP, error) {
 	var host string
 	var err error
 
-	xForwardedFor := req.Header.Get("X-Forwarded-For")
+	xForwardedFor := req.Header.Get("Meek-IP")
+	if xForwardedFor == "" {
+		xForwardedFor = req.Header.Get("X-Forwarded-For")
+	}
 	if xForwardedFor != "" {
 		host, err = getXForwardedFor(xForwardedFor)
 	} else {
diff --git a/meek-server/useraddr_test.go b/meek-server/useraddr_test.go
index d603031..3f975fa 100644
--- a/meek-server/useraddr_test.go
+++ b/meek-server/useraddr_test.go
@@ -45,7 +45,8 @@ func TestOriginalClientIPRemoteAddr(t *testing.T) {
 	}
 }
 
-// Test that originalClientIP reads the X-Forwarded-For header if present.
+// Test that originalClientIP reads the Meek-IP and X-Forwarded-For headers if
+// present.
 func TestOriginalClientXForwardedFor(t *testing.T) {
 	tests := []struct {
 		XForwardedFor string
@@ -73,6 +74,8 @@ func TestOriginalClientXForwardedFor(t *testing.T) {
 		req := &http.Request{
 			Header: make(http.Header),
 		}
+		req.Header.Set("Meek-IP", test.XForwardedFor)
+		checkExpected(t, req, test.Expected)
 		req.Header.Set("X-Forwarded-For", test.XForwardedFor)
 		checkExpected(t, req, test.Expected)
 	}
@@ -99,6 +102,24 @@ func TestOriginalClientPrecedence(t *testing.T) {
 			http.Request{
 				RemoteAddr: "5.6.7.8:5678",
 				Header: http.Header{
+					http.CanonicalHeaderKey("Meek-IP"): []string{"1.2.3.4"},
+				},
+			},
+			net.IPv4(1, 2, 3, 4),
+		},
+		{
+			http.Request{
+				RemoteAddr: "5.6.7.8:5678",
+				Header: http.Header{
+					http.CanonicalHeaderKey("Meek-IP"): []string{"1:2::3:4"},
+				},
+			},
+			net.IP{0, 1, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 4},
+		},
+		{
+			http.Request{
+				RemoteAddr: "5.6.7.8:5678",
+				Header: http.Header{
 					http.CanonicalHeaderKey("X-Forwarded-For"): []string{"1.2.3.4"},
 				},
 			},
@@ -113,6 +134,17 @@ func TestOriginalClientPrecedence(t *testing.T) {
 			},
 			net.IP{0, 1, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 4},
 		},
+		// Meek-IP has precedence over X-Forwarded-For if both are set.
+		{
+			http.Request{
+				RemoteAddr: "5.6.7.8:5678",
+				Header: http.Header{
+					http.CanonicalHeaderKey("Meek-IP"):         []string{"1.2.3.4"},
+					http.CanonicalHeaderKey("X-Forwarded-For"): []string{"2.2.2.2"},
+				},
+			},
+			net.IPv4(1, 2, 3, 4),
+		},
 		// X-Forwarded-For shadows RemoteAddr, even if bad syntax.
 		{
 			http.Request{

    

dcf＠torproject.org

tags

participants (1)