From 026546e3adafbfc8c9756ec17e4fc9dd100db2d5 Mon Sep 17 00:00:00 2001
From: Chad Horohoe <demon@users.mediawiki.org>
Date: Fri, 12 Jun 2009 01:34:44 +0000
Subject: [PATCH] Revert r51725 (fall back to 127.0.0.1 when IP cannot be
 determined). On further discussion, it's best if we don't make up a fake IP.
 Tweak the logic here a bit (per Tim) to let XFF attempt to determine the
 actual IP. Throw an exception if we can't.

---
 RELEASE-NOTES           |  3 +--
 includes/ProxyTools.php | 17 +++++++++++------
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 7e3b4435ad..489870bdbd 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -182,8 +182,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * Multiple whitespace in TOC anchors is now stripped, for consistency with the
   link from the edit comment
 * (bug 19112) Preferences now respects $wgUseExternalEditor, $wgExternalDiffEngine
-* (bug 18173) Login form exception on malformed REMOTE_ADDR, wfGetIP() now falls 
-  back to 127.0.0.1 if the IP cannot be determined
+* (bug 18173) MediaWiki now fails on malformed REMOTE_ADDR
 
 == API changes in 1.16 ==
 
diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php
index 7331d74c9d..dc30d0ef30 100644
--- a/includes/ProxyTools.php
+++ b/includes/ProxyTools.php
@@ -76,13 +76,14 @@ function wfGetIP() {
 
 	/* collect the originating ips */
 	# Client connecting to this webserver
-	if ( isset( $_SERVER['REMOTE_ADDR'] ) && IP::canonicalize( $_SERVER['REMOTE_ADDR'] ) ) {
-		$ipchain = array( IP::canonicalize( $_SERVER['REMOTE_ADDR'] ) );
-	} else {
-		# Running on CLI or REMOTE_ADDR is broken
-		$ipchain = array( '127.0.0.1' );
+	if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
+		$ip = IP::canonicalize( $_SERVER['REMOTE_ADDR'] );
+	}
+	if( $ip ) {
+		$ipchain[] = $ip;
 	}
-	$ip = $ipchain[0];
+	
+	$ip = false;
 
 	# Append XFF on to $ipchain
 	$forwardedFor = wfGetForwardedFor();
@@ -107,6 +108,10 @@ function wfGetIP() {
 		}
 	}
 
+	if( $ip ) {
+		throw new MWException( "Unable to determine IP" );
+	}
+
 	wfDebug( "IP: $ip\n" );
 	$wgIP = $ip;
 	return $ip;
-- 
2.20.1