You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Hendrik Harms <he...@gmail.com> on 2014/01/24 11:10:48 UTC

Re: [PATCH] proxy_util.c: ap_proxy_determine_connection connecting improper HTTPS backend

Is it possible to merge this patch into httpd-2.4 / 2.5 ?
This would solve problems if the backend is an IBMs Access Manager V6.0 or
an other server not able to serve  "absoluteURI"s

Reqards,
Hendrik



2013/12/16 Hendrik Harms <he...@gmail.com>

> If an (improper) backend server could only serve requests with
> "abs_path"s  but not "absoluteURI"s (RFC 2616 5.1.2) we couldn't place this
> backend behind a forward proxy using https.
>
> https://issues.apache.org/bugzilla/show_bug.cgi?id=55892
>
> This patch would solve this. I've added the "force-proxy-request-1.0"
> switch into this patch but I'm not sure about this.
>
> --- modules/proxy/proxy_util.c.orig     2013-07-11 14:21:19.000000000 +0200
> +++ modules/proxy/proxy_util.c  2013-12-16 16:06:36.000000000 +0100
> @@ -2077,7 +2077,10 @@
>       * short living pool.
>       */
>      /* are we connecting directly, or via a proxy? */
> -    if (!proxyname) {
> +    /* handle HTTP/1.0 via SSL like direct connect */
> +    if (!proxyname ||
> +        (conn->is_ssl &&
> +         apr_table_get(r->subprocess_env, "force-proxy-request-1.0"))) {
>          *url = apr_pstrcat(p, uri->path, uri->query ? "?" : "",
>                             uri->query ? uri->query : "",
>                             uri->fragment ? "#" : "",
>
>
> Regards,
> Hendrik
>