Merge pull request #43 from getlantern/issue-42

uaalto · uaalto · commit a1a1a6def72c · 2016-03-10T09:31:09.000Z
split host from RemoteAddr fixes #42
diff --git a/configserverfilter/headers.go b/configserverfilter/headers.go
@@ -5,6 +5,7 @@ package configserverfilter
 
 import (
 	"errors"
+	"net"
 	"net/http"
 
 	"github.com/getlantern/golog"
@@ -69,7 +70,12 @@ next:
 func (f *ConfigServerFilter) attachHeader(req *http.Request) *http.Request {
 	req.Header.Set(common.CfgSvrAuthTokenHeader, f.authToken)
 	log.Debugf("Attached %s header to \"GET %s\"", common.CfgSvrAuthTokenHeader, req.URL.String())
-	req.Header.Set(common.CfgSvrClientIPHeader, req.RemoteAddr)
-	log.Debugf("Set %s as %s to \"GET %s\"", common.CfgSvrClientIPHeader, req.RemoteAddr, req.URL.String())
+	host, _, err := net.SplitHostPort(req.RemoteAddr)
+	if err != nil {
+		log.Errorf("Unable to split host from '%s': %s", req.RemoteAddr, err)
+		return req
+	}
+	req.Header.Set(common.CfgSvrClientIPHeader, host)
+	log.Debugf("Set %s as %s to \"GET %s\"", common.CfgSvrClientIPHeader, host, req.URL.String())
 	return req
 }
diff --git a/configserverfilter/headers_test.go b/configserverfilter/headers_test.go
@@ -18,25 +18,33 @@ func (h *dummyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 func TestAttachAuthToken(t *testing.T) {
 	fakeToken := "fake-token"
 	dummyClientIP := "1.1.1.1"
+	dummyAddr := dummyClientIP + ":12345"
 	dummy := dummyHandler{}
 	am, _ := New(&dummy, AuthToken(fakeToken), Domains([]string{"site1.com", "site2.org"}))
+
 	req, _ := http.NewRequest("GET", "http://site1.com/abc.gz", nil)
-	req.RemoteAddr = dummyClientIP
+	req.RemoteAddr = dummyAddr
+	am.ServeHTTP(nil, req)
+	assert.Equal(t, fakeToken, dummy.req.Header.Get(common.CfgSvrAuthTokenHeader), "should attach token")
+	assert.Equal(t, dummyClientIP, dummy.req.Header.Get(common.CfgSvrClientIPHeader), "should attach client ip")
+
+	req, _ = http.NewRequest("GET", "http://site2.org/abc.gz", nil)
+	req.RemoteAddr = dummyAddr
 	am.ServeHTTP(nil, req)
-	assert.Equal(t, fakeToken, dummy.req.Header.Get(common.CfgSvrAuthTokenHeader))
-	assert.Equal(t, dummyClientIP, dummy.req.Header.Get(common.CfgSvrClientIPHeader))
+	assert.Equal(t, fakeToken, dummy.req.Header.Get(common.CfgSvrAuthTokenHeader), "should attach token")
+	assert.Equal(t, dummyClientIP, dummy.req.Header.Get(common.CfgSvrClientIPHeader), "should attach client ip")
 
 	req, _ = http.NewRequest("GET", "http://site2.org/abc.gz", nil)
-	req.RemoteAddr = dummyClientIP
+	req.RemoteAddr = "bad-addr"
 	am.ServeHTTP(nil, req)
-	assert.Equal(t, fakeToken, dummy.req.Header.Get(common.CfgSvrAuthTokenHeader))
-	assert.Equal(t, dummyClientIP, dummy.req.Header.Get(common.CfgSvrClientIPHeader))
+	assert.Equal(t, fakeToken, dummy.req.Header.Get(common.CfgSvrAuthTokenHeader), "should attach token")
+	assert.Equal(t, "", dummy.req.Header.Get(common.CfgSvrClientIPHeader), "should not attach client ip if remote address is invalid")
 
 	req, _ = http.NewRequest("GET", "http://not-config-server.org/abc.gz", nil)
-	req.RemoteAddr = dummyClientIP
+	req.RemoteAddr = dummyAddr
 	am.ServeHTTP(nil, req)
-	assert.Equal(t, "", dummy.req.Header.Get(common.CfgSvrAuthTokenHeader))
-	assert.Equal(t, "", dummy.req.Header.Get(common.CfgSvrClientIPHeader))
+	assert.Equal(t, "", dummy.req.Header.Get(common.CfgSvrAuthTokenHeader), "should not attach token for other sites")
+	assert.Equal(t, "", dummy.req.Header.Get(common.CfgSvrClientIPHeader), "should not attach client ip for other sites")
 }
 
 func TestInitialize(t *testing.T) {
