Adds a flag to use the X-Forwarded-For header to find the ip of the remote server. This is needed when you have multiple api servers with a load balancing proxy in front. It is a flag that defaults to False because if you don't have a sanitizing proxy in front, users could masquerade as other ips by passing in the header manually.

nova/api/ec2/__init__.py

@@ -37,6 +37,9 @@ from nova.auth import manager
 
 
 FLAGS = flags.FLAGS
+flags.DEFINE_boolean('use_forwarded_for', False,
+                     'Treat X-Forwarded-For as the canonical remote address. '
+                     'Only enable this if you have a sanitizing proxy.')
 flags.DEFINE_boolean('use_lockout', False,
                      'Whether or not to use lockout middleware.')
 flags.DEFINE_integer('lockout_attempts', 5,
@@ -144,9 +147,12 @@ class Authenticate(wsgi.Middleware):
             raise webob.exc.HTTPForbidden()
 
         # Authenticated!
+        remote_address = req.remote_addr
+        if FLAGS.use_forwarded_for:
+            remote_address = req.headers.get('X-Forwarded-For', remote_address)
         ctxt = context.RequestContext(user=user,
                                       project=project,
-                                      remote_address=req.remote_addr)
+                                      remote_address=remote_address)
         req.environ['ec2.context'] = ctxt
         return self.application
 

nova/api/ec2/metadatarequesthandler.py

@@ -23,9 +23,13 @@ import logging
 import webob.dec
 import webob.exc
 
+from nova import flags
 from nova.api.ec2 import cloud
 
 
+FLAGS = flags.FLAGS
+
+
 class MetadataRequestHandler(object):
     """Serve metadata from the EC2 API."""
 
@@ -63,10 +67,13 @@ class MetadataRequestHandler(object):
     @webob.dec.wsgify
     def __call__(self, req):
         cc = cloud.CloudController()
-        meta_data = cc.get_metadata(req.remote_addr)
+        remote_address = req.remote_addr
+        if FLAGS.use_forwarded_for:
+            remote_address = req.headers.get('X-Forwarded-For', remote_address)
+        meta_data = cc.get_metadata(remote_address)
         if meta_data is None:
             logging.error(_('Failed to get metadata for ip: %s') %
-                          req.remote_addr)
+                          remote_address)
             raise webob.exc.HTTPNotFound()
         data = self.lookup(req.path_info, meta_data)
         if data is None: