From 785a05910108a6d032e802605762d7567dec4123 Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Fri, 2 Mar 2018 00:05:28 -0500 Subject: Bug 1442520 - move inbound_proxies to localconfig --- Bugzilla/Config/Advanced.pm | 18 ------------------ Bugzilla/DaemonControl.pm | 12 ++++++++---- Bugzilla/Install/Localconfig.pm | 7 +++++-- Bugzilla/Util.pm | 2 +- 4 files changed, 14 insertions(+), 25 deletions(-) (limited to 'Bugzilla') diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm index e2c00f910..2eec11dbe 100644 --- a/Bugzilla/Config/Advanced.pm +++ b/Bugzilla/Config/Advanced.pm @@ -17,13 +17,6 @@ use Bugzilla::Util qw(validate_ip); our $sortkey = 1700; use constant get_param_list => ( - { - name => 'inbound_proxies', - type => 't', - default => '', - checker => \&check_inbound_proxies - }, - { name => 'proxy_url', type => 't', @@ -82,15 +75,4 @@ use constant get_param_list => ( }, ); -sub check_inbound_proxies { - my $inbound_proxies = shift; - - return "" if $inbound_proxies eq "*"; - my @proxies = split( /[\s,]+/, $inbound_proxies ); - foreach my $proxy (@proxies) { - validate_ip($proxy) || return "$proxy is not a valid IPv4 or IPv6 address"; - } - return ""; -} - 1; diff --git a/Bugzilla/DaemonControl.pm b/Bugzilla/DaemonControl.pm index 97ecb84e0..1de8350c1 100644 --- a/Bugzilla/DaemonControl.pm +++ b/Bugzilla/DaemonControl.pm @@ -10,6 +10,7 @@ use 5.10.1; use strict; use warnings; +use Bugzilla::Logging; use Bugzilla::Constants qw(bz_locations); use Cwd qw(realpath); use English qw(-no_match_vars $PROGRAM_NAME); @@ -131,16 +132,19 @@ sub run_httpd { sub run_cereal_and_httpd { my @httpd_args = @_; - my $lc = Bugzilla::Install::Localconfig::read_localconfig(); - if ( ($lc->{inbound_proxies} // '') eq '*' && $lc->{urlbase} =~ /^https/) { - push @httpd_args, '-DHTTPS'; - } push @httpd_args, '-DNETCAT_LOGS'; my $signal_f = catch_signal("TERM", 0); my $cereal_exit_f = run_cereal(); return assert_cereal()->then( sub { + my $lc = Bugzilla::Install::Localconfig::read_localconfig(); + if ( ($lc->{inbound_proxies} // '') eq '*' && $lc->{urlbase} =~ /^https/) { + push @httpd_args, '-DHTTPS'; + } + elsif (not $lc->{urlbase} =~ /^https/) { + WARN("HTTPS urlbase but inbound_proxies is not '*'"); + } my $httpd_exit_f = run_httpd(@httpd_args); return Future->wait_any($cereal_exit_f, $httpd_exit_f, $signal_f); diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index 646dbc1a7..ba8e8dc57 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -43,7 +43,7 @@ our @EXPORT_OK = qw( # might want to change this for upstream use constant ENV_PREFIX => 'BMO_'; -use constant PARAM_OVERRIDE => qw( inbound_proxies shadowdb shadowdbhost shadowdbport shadowdbsock ); +use constant PARAM_OVERRIDE => qw( shadowdb shadowdbhost shadowdbport shadowdbsock ); sub _sensible_group { return '' if ON_WINDOWS; @@ -135,7 +135,6 @@ use constant LOCALCONFIG_VARS => ( { name => 'param_override', default => { - inbound_proxies => undef, memcached_servers => undef, memcached_namespace => undef, shadowdb => undef, @@ -172,6 +171,10 @@ use constant LOCALCONFIG_VARS => ( name => 'ses_password', default => '', }, + { + name => 'inbound_proxies', + default => _migrate_param( 'inbound_proxies', '' ), + }, ); diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index c23e738e6..91f06e650 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -270,7 +270,7 @@ sub do_ssl_redirect_if_required { # Returns the real remote address of the client, sub remote_ip { my $remote_ip = $ENV{'REMOTE_ADDR'} || '127.0.0.1'; - my @proxies = split(/[\s,]+/, Bugzilla->get_param_with_override('inbound_proxies')); + my @proxies = split(/[\s,]+/, Bugzilla->localconfig->{inbound_proxies}); my @x_forwarded_for = split(/[\s,]+/, $ENV{HTTP_X_FORWARDED_FOR} // ''); return $remote_ip unless @x_forwarded_for; -- cgit v1.2.3-24-g4f1b