subject:"svn commit\: r1549524 \- in \/tomcat\/trunk\: java\/org\/apache\/catalina\/filters\/RemoteIpFilter.java java\/org\/apache\/catalina\/valves\/RemoteIpValve.java webapps\/docs\/config\/filter.xml webapps\/docs\/config\/"

svn commit: r1549524 - in /tomcat/trunk: java/org/apache/catalina/filters/RemoteIpFilter.java java/org/apache/catalina/valves/RemoteIpValve.java webapps/docs/config/filter.xml webapps/docs/config/valv

2013-12-09 Thread markt

Author: markt
Date: Mon Dec  9 09:48:42 2013
New Revision: 1549524

URL: http://svn.apache.org/r1549524
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55820
Include the 172.16/12 range in the default value for internal proxies.

Modified:
tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/trunk/webapps/docs/config/filter.xml
tomcat/trunk/webapps/docs/config/valve.xml

Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1549524r1=1549523r2=1549524view=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Mon Dec  
9 09:48:42 2013
@@ -107,9 +107,12 @@ import org.apache.juli.logging.LogFactor
  * tdRemoteIPInternalProxy/td
  * tdRegular expression (in the syntax supported by
  * {@link java.util.regex.Pattern java.util.regex})/td
- * 
td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
 br/
- * By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 
has not been enabled by default because it is complex to
- * describe with regular expressions/td
+ * td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
+ * 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
+ * 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
+ * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+ * br/
+ * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are 
allowed./td
  * /tr
  * /tr
  * tr
@@ -695,7 +698,10 @@ public class RemoteIpFilter implements F
 10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
 192\\.168\\.\\d{1,3}\\.\\d{1,3}| +
 169\\.254\\.\\d{1,3}\\.\\d{1,3}| +
-127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3});
+127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3});
 
 /**
  * @see #setProtocolHeader(String)

Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1549524r1=1549523r2=1549524view=diff
==
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Mon Dec  9 
09:48:42 2013
@@ -88,9 +88,12 @@ import org.apache.juli.logging.LogFactor
  * tdRemoteIPInternalProxy/td
  * tdRegular expression (in the syntax supported by
  * {@link java.util.regex.Pattern java.util.regex})/td
- * 
td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}br/
- * By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 
has not been enabled by default because it is complex to
- * describe with regular expressions/td
+ * td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
+ * 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
+ * 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
+ * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+ * br/
+ * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are 
allowed./td
  * /tr
  * /tr
  * tr
@@ -406,7 +409,10 @@ public class RemoteIpValve extends Valve
 10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
 192\\.168\\.\\d{1,3}\\.\\d{1,3}| +
 169\\.254\\.\\d{1,3}\\.\\d{1,3}| +
-127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3});
+127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
+172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3});
 
 /**
  * @see #setProtocolHeader(String)

Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1549524r1=1549523r2=1549524view=diff
==
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Mon Dec  9 09:48:42 2013
@@ -1202,7 +1202,7 @@ FINE: Request /docs/config/manager.html
 Internal proxies that appear in the strongremoteIpHeader/strong 
will
 be trusted and will not appear in the strongproxiesHeader/strong
 value. If not specified the default value of code
-

Re: svn commit: r1549524 - in /tomcat/trunk: java/org/apache/catalina/filters/RemoteIpFilter.java java/org/apache/catalina/valves/RemoteIpValve.java webapps/docs/config/filter.xml webapps/docs/config/

2013-12-09 Thread Konstantin Kolinko

2013/12/9  ma...@apache.org:
 Author: markt
 Date: Mon Dec  9 09:48:42 2013
 New Revision: 1549524

 URL: http://svn.apache.org/r1549524
 Log:
 Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55820
 Include the 172.16/12 range in the default value for internal proxies.

 Modified:
 tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
 tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
 tomcat/trunk/webapps/docs/config/filter.xml
 tomcat/trunk/webapps/docs/config/valve.xml

 Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1549524r1=1549523r2=1549524view=diff
 ==
 --- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java 
 (original)
 +++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Mon Dec 
  9 09:48:42 2013
 @@ -107,9 +107,12 @@ import org.apache.juli.logging.LogFactor
   * tdRemoteIPInternalProxy/td
   * tdRegular expression (in the syntax supported by
   * {@link java.util.regex.Pattern java.util.regex})/td
 - * 
 td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
  br/
 - * By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 
 172.16/12 has not been enabled by default because it is complex to
 - * describe with regular expressions/td
 + * td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
 + * 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
 + * 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
 + * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}

I think the {1} above is superfluous, as that is the default
cardinality. It may need a test, though.

 + * br/
 + * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are 
 allowed./td
   * /tr
   * /tr
   * tr
 @@ -695,7 +698,10 @@ public class RemoteIpFilter implements F
  10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
  192\\.168\\.\\d{1,3}\\.\\d{1,3}| +
  169\\.254\\.\\d{1,3}\\.\\d{1,3}| +
 -127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3});
 +127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3});

  /**
   * @see #setProtocolHeader(String)

 Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1549524r1=1549523r2=1549524view=diff
 ==
 --- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
 +++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Mon Dec  
 9 09:48:42 2013
 @@ -88,9 +88,12 @@ import org.apache.juli.logging.LogFactor
   * tdRemoteIPInternalProxy/td
   * tdRegular expression (in the syntax supported by
   * {@link java.util.regex.Pattern java.util.regex})/td
 - * 
 td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}br/
 - * By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 
 172.16/12 has not been enabled by default because it is complex to
 - * describe with regular expressions/td
 + * td10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
 + * 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
 + * 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
 + * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
 + * br/
 + * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are 
 allowed./td
   * /tr
   * /tr
   * tr
 @@ -406,7 +409,10 @@ public class RemoteIpValve extends Valve
  10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
  192\\.168\\.\\d{1,3}\\.\\d{1,3}| +
  169\\.254\\.\\d{1,3}\\.\\d{1,3}| +
 -127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3});
 +127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}| +
 +172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3});

  /**
   * @see #setProtocolHeader(String)

 Modified: tomcat/trunk/webapps/docs/config/filter.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1549524r1=1549523r2=1549524view=diff
 ==
 --- tomcat/trunk/webapps/docs/config/filter.xml (original)
 +++ tomcat/trunk/webapps/docs/config/filter.xml Mon Dec  9 09:48:42 2013
 @@ -1202,7 +1202,7 @@ FINE: Request /docs/config/manager.html
  Internal proxies that appear in the strongremoteIpHeader/strong 
 will
  be trusted

svn commit: r1549524 - in /tomcat/trunk: java/org/apache/catalina/filters/RemoteIpFilter.java java/org/apache/catalina/valves/RemoteIpValve.java webapps/docs/config/filter.xml webapps/docs/config/valv

Re: svn commit: r1549524 - in /tomcat/trunk: java/org/apache/catalina/filters/RemoteIpFilter.java java/org/apache/catalina/valves/RemoteIpValve.java webapps/docs/config/filter.xml webapps/docs/config/

2 matches

Site Navigation

Mail list logo

Footer information