Advertisement
raja_malam72

squid_forgery.patch

Jun 15th, 2014
1,303
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. --- a/src/client_side_request.cc
  2. +++ b/src/client_side_request.cc
  3. @@ -544,6 +544,16 @@
  4.                  return;
  5.              }
  6.              debugs(85, 3, HERE << "validate IP " << clientConn->local << " non-match from Host: IP " << ia->in_addrs[i]);
  7. +   }
  8. +
  9. +        if (true) {
  10. +            unsigned short port = clientConn->local.port();
  11. +            debugs(85, 3, HERE << "[anti-forgery] Host-non-matched remote IP (" << clientConn->local << ") was replaced with the first Host resolved IP (" << ia->in_addrs[0] << ":" << clientConn->local.port() << ")");
  12. +            clientConn->local = ia->in_addrs[0];
  13. +            clientConn->local.port(port);
  14. +            http->request->flags.hostVerified = true;
  15. +            http->doCallouts();
  16. +            return;
  17.          }
  18.      }
  19.      debugs(85, 3, HERE << "FAIL: validate IP " << clientConn->local << " possible from Host:");
Advertisement
RAW Paste Data Copied
Advertisement