diff --git a/README.TXT b/README.TXT index d11de7d..c2deaeb 100644 --- a/README.TXT +++ b/README.TXT @@ -2,7 +2,7 @@ Quality of service module for Apache Web Server. http://mod-qos.sourceforge.net/ - Copyright (C) 2023 Pascal Buchbinder + Copyright (C) 2025 Pascal Buchbinder Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with diff --git a/apache2/mod_qos.c b/apache2/mod_qos.c index cef1cf9..7175e51 100644 --- a/apache2/mod_qos.c +++ b/apache2/mod_qos.c @@ -20,7 +20,7 @@ * See http://mod-qos.sourceforge.net/ for further * details and to obtain the latest version of this module. * - * Copyright (C) 2023 Pascal Buchbinder + * Copyright (C) 2025 Pascal Buchbinder * * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with @@ -42,8 +42,8 @@ /************************************************************************ * Version ***********************************************************************/ -static const char revision[] = "$Id: mod_qos.c 2706 2023-05-16 19:52:59Z pbuchbinder $"; -static const char g_revision[] = "11.74"; +static const char revision[] = "$Id: mod_qos.c 2724 2025-01-03 15:05:21Z pbuchbinder $"; +static const char g_revision[] = "11.76"; /************************************************************************ * Includes @@ -1984,6 +1984,20 @@ static const char *qos_forwardedfor_fromSSL(request_rec *r) { return NULL; } +static const char *qos_forwardedfor_fromUserAgentIP(request_rec *r) { + const char *useragent_ip = NULL; +#if (AP_SERVER_MINORVERSION_NUMBER == 4) && (AP_SERVER_PATCHLEVEL_NUMBER > 18) + useragent_ip = r->useragent_ip; +#endif + if(QS_ISDEBUG(r->server)) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + QOS_LOGD_PFX"fromUserAgentIP() USERAGENT_IP=%s, id=%s", + useragent_ip == NULL ? "null" : useragent_ip, + qos_unique_id(r, NULL)); + } + return useragent_ip; +} + static const char *qos_pseudoip(request_rec *r, const char *header) { const char *forwardedfor = NULL; if(strcmp("SSL_CLIENT_S_DN", header) == 0) { @@ -1998,13 +2012,14 @@ static const char *qos_pseudoip(request_rec *r, const char *header) { } static const char *qos_forwardedfor(request_rec *r, const char *header) { - const char *forwardedfor = NULL; if(header[0] == '#') { - forwardedfor = qos_pseudoip(r, &header[1]); + if(strcmp("USERAGENT_IP", &header[1]) == 0) { + return qos_forwardedfor_fromUserAgentIP(r); + } + return qos_pseudoip(r, &header[1]); } else { - forwardedfor = qos_forwardedfor_fromHeader(r, header); + return qos_forwardedfor_fromHeader(r, header); } - return forwardedfor; } /** @@ -3434,6 +3449,7 @@ static int qos_return_error_andclose(conn_rec *connection, apr_socket_t *socket) if(c->cs) { c->cs->state = CONN_STATE_LINGER; } + apr_table_setn(c->notes, "short-lingering-close", "1"); apr_table_set(c->notes, QS_CONN_ABORT, QS_CONN_ABORT); if (m_forced_close == 0) { return DECLINED; @@ -8704,6 +8720,7 @@ static int qos_pre_connection(conn_rec *connection, void *skt) { if(c->cs) { c->cs->state = CONN_STATE_LINGER; } + apr_table_setn(c->notes, "short-lingering-close", "1"); apr_table_set(c->notes, QS_CONN_ABORT, QS_CONN_ABORT); if (m_forced_close == 0) { ret = DECLINED; diff --git a/apache2/mod_qos.h b/apache2/mod_qos.h index 3372abe..4606439 100644 --- a/apache2/mod_qos.h +++ b/apache2/mod_qos.h @@ -15,7 +15,7 @@ * See http://mod-qos.sourceforge.net/ for further * details. * - * Copyright (C) 2023 Pascal Buchbinder + * Copyright (C) 2025 Pascal Buchbinder * * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with diff --git a/doc/CHANGES.txt b/doc/CHANGES.txt index 5fd53bc..9c83dab 100644 --- a/doc/CHANGES.txt +++ b/doc/CHANGES.txt @@ -1,12 +1,27 @@ +Version 11.76 + + - Setting connection note short-lingering-close when aborting connection (to + improve connection close behavior when using MPM event). + + - Removes outdated utilities from the distribution package: qsfilter2, + qspng, qsrotate, qssign, qstail, qshead, qsgrep, qsexec, qscheck, qslogger, + and qsdt. + +Version 11.75 + + - QS_ClientIpFromHeader supports other modules (e.g. mod_remoteip) setting + a client address to the request record when using the special header + name #USERAGENT_IP. + Version 11.74 -- Fixed: Potential counter overflow for early event detection - (increment before block) or log only mode. + - Fixed: Potential counter overflow for early event detection + (increment before block) or log only mode. Version 11.73 - This release introduces support of the PCRE2 (10.x) library in place of - the now end-of-life PCRE version 1 (8.x) API. + This release introduces support of the PCRE2 (10.x) library in place of + the now end-of-life PCRE version 1 (8.x) API. - Removes PCRE API dependency from mod_qos.c. The module no longer has an explicit dependency to the PCRE library but uses ap_pregcomp(), diff --git a/doc/MESSAGES.txt b/doc/MESSAGES.txt index 3afdb29..8385a5e 100644 --- a/doc/MESSAGES.txt +++ b/doc/MESSAGES.txt @@ -1,4 +1,4 @@ -mod_qos version 11.74 +mod_qos version 11.76 mod_qos(001): QS_ClientEventLimitCount directives can't be added/removed by graceful restart. A server restart is required to apply the new configuration! mod_qos(002): failed to create shared memory (ACT)(%s): %s (%lu bytes) mod_qos(002): failed to create shared memory (client control)(%s): %s (%d bytes) diff --git a/doc/glossary.html b/doc/glossary.html index 66ddc49..1c74fce 100644 --- a/doc/glossary.html +++ b/doc/glossary.html @@ -32,7 +32,7 @@ See http://mod-qos.sourceforge.net/ for further details. - Copyright (C) 2023 Pascal Buchbinder + Copyright (C) 2025 Pascal Buchbinder Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -598,6 +598,6 @@ You can use the spreadsheet program of your choice to process the output:


-© 2023, Pascal Buchbinder +© 2024, Pascal Buchbinder diff --git a/doc/headerfilterrules.txt b/doc/headerfilterrules.txt index 58d4d5c..deba4d0 100644 --- a/doc/headerfilterrules.txt +++ b/doc/headerfilterrules.txt @@ -94,4 +94,4 @@ QS_ResponseHeaderFilter rules: name=X-Frame-Options, action=drop, size=4000, pattern=^[\x20-\xFF]*$ name=X-XSS-Protection, action=drop, size=4000, pattern=^[\x20-\xFF]*$ -mod_qos 11.74 +mod_qos 11.76 diff --git a/doc/index.html b/doc/index.html index 839d364..71baeae 100644 --- a/doc/index.html +++ b/doc/index.html @@ -34,7 +34,7 @@ See http://mod-qos.sourceforge.net/ for further details. - Copyright (C) 2023 Pascal Buchbinder + Copyright (C) 2025 Pascal Buchbinder Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -248,7 +248,7 @@ server's modules directory. 
-cd mod_qos-11.74/apache2
+cd mod_qos-11.76/apache2
 apxs -i -c mod_qos.c -lcrypto -lpcre2-8
 cd ../..
@@ -320,11 +320,11 @@ within the format string used by the QSLog dir The support tools may be built (at least on some Linux platforms) using the GNU autotools. Some of these utilities require third-party libraries such as apr, apr-util, PCRE2, -libpng, and OpenSSL. +and OpenSSL. 
-cd mod_qos-11.74/tools
+cd mod_qos-11.76/tools
 ./configure
 make
@@ -946,10 +946,6 @@ that has occurred during a request. QS_Country
ISO 3166 country code of client IPv4 address. Only available if the geographical database file has been loaded.
-Note: You may use the QS_ClientIpFromHeader <header> -directive to override the client's IP address based on the value within the defined -HTTP request header (e.g., X-Forwarded-For) instead of taking the IP address of -the client which has opened the TCP connection.