[tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 14 10:20:50 UTC 2015 

#13171: meek's reflector should forward the client's IP address/port to the bridge.
-------------------------+------------------------------
 Reporter:  yawning      |          Owner:  dcf
     Type:  enhancement  |         Status:  needs_review
 Priority:  Medium       |      Milestone:
Component:  meek         |        Version:
 Severity:  Normal       |     Resolution:
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
  Sponsor:               |
-------------------------+------------------------------
Changes (by dcf):

 * status:  new => needs_review
 * severity:   => Normal


Comment:

 Here's a branch for review:
   https://gitweb.torproject.org/pluggable-
 transports/meek.git/log/?h=bug13171
   https://gitweb.torproject.org/pluggable-
 transports/meek.git/diff/?h=bug13171&id=5a6b70d22574f4720cd71b2e47a18fe73cdb8e11&id2=ed3e8c9b0c34db38ffcd99a0d38d7d4fc1785a62
 It adds support for reading `X-Forwarded-For`, which is set by the Amazon
 and Azure CDNs, to meek-server. Additionally it recognizes a new made-up
 header `Meek-IP` as a synonym for `X-Forwarded-For`, for App Engine which
 [https://cloud.google.com/appengine/docs/go/urlfetch/#Go_Request_headers
 does not allow you to set X-Forwarded-For]:
   For security reasons, the following headers cannot be modified by the
 application: `Content-Length`, `Host`, `Vary`, `Via`, `X-Appengine-
 Inbound-Appid`, `X-Forwarded-For`, `X-ProxyUser-IP`.
 In the absence of an `X-Forwarded-For` or `Meek-IP` header, we fall back
 (as before) on the client's source address
 ([https://golang.org/pkg/net/http/#Request Request.RemoteAddr]). If one of
 the headers is present but cannot be parsed, we ''do not'' fall back to
 `Request.RemoteAddr`, because in that case we do not know what the true
 client address is, but it is probably different from `Request.RemoteAddr`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13171#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list