[Bug 494] New - The logging used by IMP does not log the real IP address of users behind a proxy

bugs@bugs.horde.org bugs@bugs.horde.org
Wed, 11 Oct 2000 09:45:34 -0300


http://bugs.horde.org/show_bug.cgi?id=494

*** shadow/494	Wed Oct 11 09:45:34 2000
--- shadow/494.tmp.20586	Wed Oct 11 09:45:34 2000
***************
*** 0 ****
--- 1,53 ----
+ Bug#: 494
+ Product: Horde
+ Version: 2.2 Stable
+ Platform: PHP Code
+ OS/Version: Linux
+ Status: NEW   
+ Resolution: 
+ Severity: enhancement
+ Priority: P3
+ Component: IMP
+ Area: BUILD
+ AssignedTo: chuck@horde.org                            
+ ReportedBy: benoit@proxad.net               
+ URL: 
+ Summary: The logging used by IMP does not log the real IP address of users behind a proxy
+ 
+ Some proxies provides a variable in the http headers to give the real IP address
+ of the user behind the proxy (NetCache and Squid does that).
+ 
+ It could be a good idea to log also this information into syslog but AFAIK,
+ there is no standard for the X-Forwarded-For: header so you must test that the
+ information given looks like an real Internet address.
+ 
+ The patch included below work with my configuration (Linux/Apache/Php3/Netcache)
+ and use the PCRE to validate the variable :
+ diff -uNr imp-2.2.3-vanilla/mailbox.php3 imp-2.2.3/mailbox.php3
+ --- imp-2.2.3-vanilla/mailbox.php3      Thu Sep 21 11:32:12 2000
+ +++ imp-2.2.3/mailbox.php3      Wed Oct 11 14:35:38 2000
+ @@ -234,8 +234,12 @@
+                         openlog($default->log_ident, LOG_PID,
+ $default->log_stats_facil);
+                         if ($default->log_stats)
+                                 syslog($default->log_prio, "mailbox.php3
+ $REMOTE_ADDR login SUCCESS $imp->server:$imp->port as $imp->user $language");
+ -                       if ($default->log_auth)
+ -                               syslog($default->log_prio |
+ $default->log_auth_facil, "Login $REMOTE_ADDR to $imp->server:$imp->port as
+ $imp->user");
+ +                       if ($default->log_auth) {
+ +                               if (($HTTP_X_FORWARDED_FOR) && (preg_match
+ ("/^[0-9.]{8,16}$/", $HTTP_X_FORWARDED_FOR)))
+ +                                       syslog($default->log_prio |
+ $default->log_auth_facil, "Login $REMOTE_ADDR ($HTTP_X_FORWARDED_FOR) to
+ $imp->server:$imp->port as $imp->user");
+ +                               else
+ +                                       syslog($default->log_prio |
+ $default->log_auth_facil, "Login $REMOTE_ADDR to $imp->server:$imp->port as
+ $imp->user");
+ +                               }
+                         closelog();
+                 }
+                 break;
+
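Review bot: the pattern in the added preg_match call, "/^[0-9.]{8,16}$/", checks only character set and length, not address shape, so it accepts values such as "99999999" or "........" and rejects a valid 7-character address like "1.2.3.4" (a dotted quad is 7 to 15 characters long). Match four dot-separated groups of one to three digits and check that each group is at most 255. When a request passes through more than one proxy, X-Forwarded-For is commonly a comma-separated list; that fails this pattern and falls into the else branch, leaving no trace in the log that a header was sent, so either parse the list or log that a header was present but rejected. The header is supplied by the client side of the connection and cannot be verified here, so keep $REMOTE_ADDR as the primary field, as the patch does, and label the bracketed value in the message as the claimed forwarded address rather than leaving it as a bare address in parentheses. The two syslog() calls differ only in that bracketed part; building the message string once and calling syslog() once would keep the formats from drifting apart. The log_stats syslog() line in the context above still records only $REMOTE_ADDR; if that is intended, say so in the bug text, otherwise apply the same treatment there.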