From 4019e06f568fd9b1869bc3f9b02d09756ecdc706 Mon Sep 17 00:00:00 2001 From: Sida Chen Date: Mon, 5 Jun 2017 18:02:56 -0400 Subject: [PATCH] api: fix remote addr shows reverse proxy addr problem Uses the first ip addr in X-forwarded-for as the client's remote addr if it exists otherwise, fall back to use default http.Request.RemoteAddr --- api/httputil/httputil.go | 24 ++++++++++++++++++++++++ api/router.go | 3 ++- api/v1/router.go | 3 ++- 3 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 api/httputil/httputil.go diff --git a/api/httputil/httputil.go b/api/httputil/httputil.go new file mode 100644 index 0000000000..36bfe8c155 --- /dev/null +++ b/api/httputil/httputil.go @@ -0,0 +1,24 @@ +package httputil + +import ( + "net" + "net/http" + "strings" +) + +// GetClientAddr returns the first value in X-Forwarded-For if it exists +// otherwise fall back to use RemoteAddr +func GetClientAddr(r *http.Request) string { + addr := r.RemoteAddr + if s := r.Header.Get("X-Forwarded-For"); s != "" { + ips := strings.Split(s, ",") + // assume the first one is the client address + if len(ips) != 0 { + // validate the ip + if realIP := net.ParseIP(ips[0]); realIP != nil { + addr = strings.TrimSpace(ips[0]) + } + } + } + return addr +} diff --git a/api/router.go b/api/router.go index bd81d93e95..59ebf96be9 100644 --- a/api/router.go +++ b/api/router.go @@ -21,6 +21,7 @@ import ( "github.com/julienschmidt/httprouter" log "github.com/sirupsen/logrus" + "github.com/coreos/clair/api/httputil" "github.com/coreos/clair/api/v1" "github.com/coreos/clair/database" ) @@ -53,7 +54,7 @@ func (rtr router) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } - log.WithFields(log.Fields{"status": http.StatusNotFound, "method": r.Method, "request uri": r.RequestURI, "remote addr": r.RemoteAddr}).Info("Served HTTP request") + log.WithFields(log.Fields{"status": http.StatusNotFound, "method": r.Method, "request uri": r.RequestURI, "remote addr": httputil.GetClientAddr(r)}).Info("Served HTTP request") http.NotFound(w, r) } diff --git a/api/v1/router.go b/api/v1/router.go index faeed9a5f2..d5e93eeb52 100644 --- a/api/v1/router.go +++ b/api/v1/router.go @@ -24,6 +24,7 @@ import ( "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" + "github.com/coreos/clair/api/httputil" "github.com/coreos/clair/database" ) @@ -54,7 +55,7 @@ func httpHandler(h handler, ctx *context) httprouter.Handle { WithLabelValues(route, statusStr). Observe(float64(time.Since(start).Nanoseconds()) / float64(time.Millisecond)) - log.WithFields(log.Fields{"remote addr": r.RemoteAddr, "method": r.Method, "request uri": r.RequestURI, "status": statusStr, "elapsed time": time.Since(start)}).Info("Handled HTTP request") + log.WithFields(log.Fields{"remote addr": httputil.GetClientAddr(r), "method": r.Method, "request uri": r.RequestURI, "status": statusStr, "elapsed time": time.Since(start)}).Info("Handled HTTP request") } }