[
https://issues.apache.org/jira/browse/TS-3485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15271528#comment-15271528
]
ASF GitHub Bot commented on TS-3485:
------------------------------------
Github user bryancall commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/614#discussion_r62123967
--- Diff: proxy/http2/Http2SessionAccept.cc ---
@@ -38,19 +39,25 @@ Http2SessionAccept::~Http2SessionAccept()
void
Http2SessionAccept::accept(NetVConnection *netvc, MIOBuffer *iobuf,
IOBufferReader *reader)
{
+ sockaddr const *client_ip = netvc->get_remote_addr();
+ const AclRecord *session_acl_record = testIpAllowPolicy(client_ip);
+ if (!session_acl_record) {
+ ip_port_text_buffer ipb;
+ Warning("HTTP/2 client '%s' prohibited by ip-allow policy",
ats_ip_ntop(client_ip, ipb, sizeof(ipb)));
+ netvc->do_io_close();
+ return;
+ }
--- End diff --
There is an extra space at the end of this line.
> We should honor ip_allow.config ACLs for HTTP/2 streams
> -------------------------------------------------------
>
> Key: TS-3485
> URL: https://issues.apache.org/jira/browse/TS-3485
> Project: Traffic Server
> Issue Type: Bug
> Components: HTTP/2
> Reporter: Leif Hedstrom
> Assignee: Susan Hinrichs
> Fix For: 7.0.0
>
>
> From the comments:
> {code}
> // XXX we need to refactor the ACL checks from HttpSessionAccept so that we
> can invoke them here, and also in
> // the SPDY protocol layer ...
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
