[rabbitmq-server/epel7] Fix insufficient 'X-Forwarded-For' header validation (RHBZ#1174872)

John Eckersberg jeckersb at fedoraproject.org
Wed Dec 17 19:23:02 UTC 2014


commit 10126b9a5319eadc8dc3574e1df7fb2cb624eff7
Author: John Eckersberg <jeckersb at redhat.com>
Date:   Wed Dec 17 14:22:42 2014 -0500

    Fix insufficient 'X-Forwarded-For' header validation (RHBZ#1174872)

 rabbitmq-server-RHBZ1174872-1-of-2.patch |   52 ++++++++++++++++++++++++++++++
 rabbitmq-server-RHBZ1174872-2-of-2.patch |   22 ++++++++++++
 rabbitmq-server.spec                     |   15 ++++++++-
 3 files changed, 88 insertions(+), 1 deletions(-)
---
diff --git a/rabbitmq-server-RHBZ1174872-1-of-2.patch b/rabbitmq-server-RHBZ1174872-1-of-2.patch
new file mode 100644
index 0000000..57f8917
--- /dev/null
+++ b/rabbitmq-server-RHBZ1174872-1-of-2.patch
@@ -0,0 +1,52 @@
+
+# HG changeset patch
+# User Simon MacMullen <simon at rabbitmq.com>
+# Date 1413370639 -3600
+# Node ID c3c41177a11a120cda1e4b7b6594220b0d197f5b
+# Parent  fc2d6d0a192b3182def9c014bc490ac2a343bfd4
+Don't use wrq:peer/1
+
+diff -r fc2d6d0a192b -r c3c41177a11a src/rabbit_mgmt_util.erl
+--- a/src/rabbit_mgmt_util.erl	Thu Oct 02 17:48:31 2014 +0100
++++ b/src/rabbit_mgmt_util.erl	Wed Oct 15 11:57:19 2014 +0100
+@@ -40,6 +40,9 @@
+ -include("rabbit_mgmt.hrl").
+ -include_lib("amqp_client/include/amqp_client.hrl").
+ 
++-include_lib("webmachine/include/wm_reqdata.hrl").
++-include_lib("webmachine/include/wm_reqstate.hrl").
++
+ -define(FRAMING, rabbit_framing_amqp_0_9_1).
+ 
+ %%--------------------------------------------------------------------
+@@ -116,11 +119,7 @@
+              end,
+     case rabbit_access_control:check_user_pass_login(Username, Password) of
+         {ok, User = #user{tags = Tags}} ->
+-            IPStr = wrq:peer(ReqData),
+-            %% inet_parse:address/1 is an undocumented function but
+-            %% exists in old versions of Erlang. inet:parse_address/1
+-            %% is a documented wrapper round it but introduced in R16B.
+-            {ok, IP} = inet_parse:address(IPStr),
++            IP = peer(ReqData),
+             case rabbit_access_control:check_user_loopback(Username, IP) of
+                 ok ->
+                     case is_mgmt_user(Tags) of
+@@ -143,6 +142,16 @@
+             not_authorised(<<"Login failed">>, ReqData, Context)
+     end.
+ 
++%% We can't use wrq:peer/1 because that trusts X-Forwarded-For.
++peer(ReqData) ->
++    {ok, {IP,_Port}} = peername(ReqData#wm_reqdata.wm_state#wm_reqstate.socket),
++    IP.
++
++%% Like the one in rabbit_net, but we and webmachine have a different
++%% way of wrapping
++peername(Sock) when is_port(Sock) -> inet:peername(Sock);
++peername({ssl, SSL})              -> ssl:peername(SSL).
++
+ vhost(ReqData) ->
+     case id(vhost, ReqData) of
+         none  -> none;
+
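Review bot: The comment on `peer/1` says why `wrq:peer/1` is avoided but not what the caller does with the address, so the deployment caveat is lost: `check_user_loopback/2` a few lines up now receives the transport peer, which behind a reverse proxy on the same host is presumably the proxy's own loopback address rather than the client's, so the loopback-only restriction is then only as strong as who can reach that proxy. I would extend the comment to `%% Returns the transport peer (TCP or TLS socket) address; X-Forwarded-For is never consulted, so behind a reverse proxy this is the proxy's address and the loopback check applies to it.` Separately, an `{error, _}` from `inet:peername/1` or `ssl:peername/1` (a socket closed mid-request, say) becomes a `badmatch` inside the login path rather than a `not_authorised` response, which mirrors the previous `{ok, IP} = inet_parse:address(IPStr)` behaviour but deserves a one-line comment on the match so the choice reads as deliberate. The function enclosing the `check_user_pass_login` case starts before the hunk, and `vhost/1` at its end continues past it.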
diff --git a/rabbitmq-server-RHBZ1174872-2-of-2.patch b/rabbitmq-server-RHBZ1174872-2-of-2.patch
new file mode 100644
index 0000000..ff6fcfd
--- /dev/null
+++ b/rabbitmq-server-RHBZ1174872-2-of-2.patch
@@ -0,0 +1,22 @@
+
+# HG changeset patch
+# User Simon MacMullen <simon at rabbitmq.com>
+# Date 1413371780 -3600
+# Node ID 35e916df027dd36c498e8814d39c3e2a44548c7b
+# Parent  c3c41177a11a120cda1e4b7b6594220b0d197f5b
+Build on old Erlang
+
+diff -r c3c41177a11a -r 35e916df027d src/rabbit_mgmt_util.erl
+--- a/src/rabbit_mgmt_util.erl	Wed Oct 15 11:57:19 2014 +0100
++++ b/src/rabbit_mgmt_util.erl	Wed Oct 15 12:16:20 2014 +0100
+@@ -144,7 +144,8 @@
+ 
+ %% We can't use wrq:peer/1 because that trusts X-Forwarded-For.
+ peer(ReqData) ->
+-    {ok, {IP,_Port}} = peername(ReqData#wm_reqdata.wm_state#wm_reqstate.socket),
++    WMState = ReqData#wm_reqdata.wm_state,
++    {ok, {IP,_Port}} = peername(WMState#wm_reqstate.socket),
+     IP.
+ 
+ %% Like the one in rabbit_net, but we and webmachine have a different
+
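Review bot: The rewritten `peer/1` gains an intermediate `WMState` binding with no comment saying why, so the next person tidying the module may fold it back into the chained record access this patch exists to remove; the commit title "Build on old Erlang" is the only record of the reason. I would add `%% Two steps on purpose: chained record access (R#a.b#c.d) does not compile on the older Erlang this package targets.` — worded as a presumption, since the hunk does not say which release rejects the chained form. `peername/1`, whose header comment is the hunk's last context line, continues outside the hunk.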
diff --git a/rabbitmq-server.spec b/rabbitmq-server.spec
index 9d697a4..228f2ea 100644
--- a/rabbitmq-server.spec
+++ b/rabbitmq-server.spec
@@ -3,7 +3,7 @@
 
 Name: rabbitmq-server
 Version: 3.3.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: MPLv1.1
 Group: Development/Libraries
 Source: http://www.rabbitmq.com/releases/rabbitmq-server/v%{version}/%{name}-%{version}.tar.gz
@@ -58,6 +58,11 @@ Patch1: rabbitmq-server-systemd-notify-support.patch
 
 Patch2: rabbitmq-server-allow-guest-non-loopback.patch
 
+# Bug 1174872 - rabbitmq-server: insufficient 'X-Forwarded-For' header validation
+# https://bugzilla.redhat.com/show_bug.cgi?id=1174872
+Patch3: rabbitmq-server-RHBZ1174872-1-of-2.patch
+Patch4: rabbitmq-server-RHBZ1174872-2-of-2.patch
+
 %description
 RabbitMQ is an implementation of AMQP, the emerging standard for high
 performance enterprise messaging. The RabbitMQ server is a robust and
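Review bot: The comment above `Patch3`/`Patch4` names the bug but not the upstream changesets the two patch files carry, so a later rebase cannot tell from the spec alone whether a newer tarball already contains the fix. The patch headers do record them (Node IDs `c3c41177a11a` and `35e916df027d`, both touching `src/rabbit_mgmt_util.erl` of the rabbitmq-management plugin), so I would add `# Backport of upstream rabbitmq-management changesets c3c41177a11a and 35e916df027d` under the Bugzilla URL.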
@@ -79,6 +84,11 @@ scalable implementation of an AMQP broker.
 %patch1 -p1
 %patch2 -p1
 
+pushd plugins-src/rabbitmq-management
+%patch3 -p1
+%patch4 -p1
+popd
+
 %build
 cp %{S:2} %{_rabbit_wrapper}
 cp %{S:4} %{_rabbit_server_ocf}
@@ -210,6 +220,9 @@ done
 rm -rf %{buildroot}
 
 %changelog
+* Wed Dec 17 2014 John Eckersberg <eck at redhat.com> - 3.3.5-4
+- Fix insufficient 'X-Forwarded-For' header validation (RHBZ#1174872)
+
 * Tue Nov 18 2014 John Eckersberg <eck at redhat.com> - 3.3.5-3
 - Add rabbitmq-plugins to default path (rhbz#1126680)
 

