You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2017/01/07 12:57:16 UTC
svn commit: r1777778 - in /httpd/httpd/branches/2.2.x: ./ CHANGES
modules/proxy/mod_proxy.h modules/proxy/proxy_util.c
Author: ylavic
Date: Sat Jan 7 12:57:16 2017
New Revision: 1777778
URL: http://svn.apache.org/viewvc?rev=1777778&view=rev
Log:
Merge r1729826, r1729847, r1732986, r1733056 from trunk:
mod_proxy: Play/restore the TLS-SNI on new backend connections which
had to be issued because the remote closed the previous/reusable one
during idle (keep-alive) time.
mod_proxy: follow up to r1729826: really copy conn->ssl_hostname.
mod_proxy: follow up to r1729826 + r1729847.
Adjust stacked ssl_hostname maximum size.
mod_proxy: follow up to r1729826 + r1729847 + r1732986.
Don't use magic constants.
Submitted by: ylavic
Reviewed by: ylavic, wrowe, covener, orlikowski
Modified:
httpd/httpd/branches/2.2.x/ (props changed)
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h
httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c
Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Jan 7 12:57:16 2017
@@ -1,2 +1,2 @@
/httpd/httpd/branches/2.4.x:1542549,1555538,1555559,1635970,1648845,1649003,1681034,1682929,1682939,1707123,1722573,1726087,1776957
-/httpd/httpd/trunk:290940,395552,417988,451572,501364,583817,583830,611483,630858,639005,639010,647395,657354,657459,660461,660566,664330,678761,680082,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,713575,719357,720250,729316-729317,729586,732414,732504,732816,732832,733127,733134,733218-733219,734710,743589,752546,755190,756671,756675,756678,756683,757741,761329,763394,764239,768535,769809,771587,771610,776325,777042,777091,778438-778439,778531,778942,780648,780655,780692,780697,780699,785457,785661,790587,803704,819480,823536,823563,834378,835046,891282,892678,892808,900022,932791,942209,952823,953311,955966,979120,981084,992625,1026743,1031551,1040304,1040373,1058192,1070096,1082189,1082196,1090645,1100511,1102124,1172732,1200040,1200372,1200374,1213380,1213391,1222335,1223048,1231446,1244211,1294306,1299738,1300171,1301111,1308862,1327036,1327080,1328133,1328325-1328326,1345319,1348656,1349905,135291
2,1363183,1363186,1366344,1367778,1368131,1368396,1369568,1395225,1398066,1400700,1407004,1407088,1407528,1408402,1410681,1413732,1414094,1416889,1418752,1422234,1422253,1435178,1447426,1470940,1475878,1476604,1476621,1476642,1476644-1476645,1477530,1484852,1485409,1485668,1490994,1493330,1496429,1500323,1504276,1506714,1509872,1509875,1514215,1524192,1524770,1526168,1526189,1527291,1527295,1527925,1528718,1529559,1529988,1529991,1531505,1532816,1542338,1551685,1551714,1552227,1553204,1554276,1554281,1555240,1555555,1556428,1563420,1572092,1572198,1572543,1572611,1572630,1572655,1572663,1572668-1572671,1572896,1572911,1572967,1573224,1573229,1575400,1585090,1586745,1587594,1587639,1588851,1590509,1597352,1603156,1604353,1610207,1610311,1610491,1610501,1611165,1611169,1620932,1621419,1621453,1643537,1643543,1648840,1649001,1649043,1650310,1650320,1652929,1653997,1657897,1658765,1663647,1664205,1665215,1665218,1665625,1665721,1666363,1674056,1675533,1676654,1677462,1679182,1679470,168
0895,1680900,1680942,1681037,1682923,1682937,1684513,1684900,1685345,1685347,1685349-1685350,1687539,1687680,1688274,1688331,1688339-1688340,1688343,1688536,1688538,1697013,1697015,1706989,1710095,1722572,1723567,1726086,1727544,1745767,1748448,1753228,1753592,1776956
+/httpd/httpd/trunk:290940,395552,417988,451572,501364,583817,583830,611483,630858,639005,639010,647395,657354,657459,660461,660566,664330,678761,680082,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,713575,719357,720250,729316-729317,729586,732414,732504,732816,732832,733127,733134,733218-733219,734710,743589,752546,755190,756671,756675,756678,756683,757741,761329,763394,764239,768535,769809,771587,771610,776325,777042,777091,778438-778439,778531,778942,780648,780655,780692,780697,780699,785457,785661,790587,803704,819480,823536,823563,834378,835046,891282,892678,892808,900022,932791,942209,952823,953311,955966,979120,981084,992625,1026743,1031551,1040304,1040373,1058192,1070096,1082189,1082196,1090645,1100511,1102124,1172732,1200040,1200372,1200374,1213380,1213391,1222335,1223048,1231446,1244211,1294306,1299738,1300171,1301111,1308862,1327036,1327080,1328133,1328325-1328326,1345319,1348656,1349905,135291
2,1363183,1363186,1366344,1367778,1368131,1368396,1369568,1395225,1398066,1400700,1407004,1407088,1407528,1408402,1410681,1413732,1414094,1416889,1418752,1422234,1422253,1435178,1447426,1470940,1475878,1476604,1476621,1476642,1476644-1476645,1477530,1484852,1485409,1485668,1490994,1493330,1496429,1500323,1504276,1506714,1509872,1509875,1514215,1524192,1524770,1526168,1526189,1527291,1527295,1527925,1528718,1529559,1529988,1529991,1531505,1532816,1542338,1551685,1551714,1552227,1553204,1554276,1554281,1555240,1555555,1556428,1563420,1572092,1572198,1572543,1572611,1572630,1572655,1572663,1572668-1572671,1572896,1572911,1572967,1573224,1573229,1575400,1585090,1586745,1587594,1587639,1588851,1590509,1597352,1603156,1604353,1610207,1610311,1610491,1610501,1611165,1611169,1620932,1621419,1621453,1643537,1643543,1648840,1649001,1649043,1650310,1650320,1652929,1653997,1657897,1658765,1663647,1664205,1665215,1665218,1665625,1665721,1666363,1674056,1675533,1676654,1677462,1679182,1679470,168
0895,1680900,1680942,1681037,1682923,1682937,1684513,1684900,1685345,1685347,1685349-1685350,1687539,1687680,1688274,1688331,1688339-1688340,1688343,1688536,1688538,1697013,1697015,1706989,1710095,1722572,1723567,1726086,1727544,1729826,1729847,1732986,1733056,1745767,1748448,1753228,1753592,1776956
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1777778&r1=1777777&r2=1777778&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sat Jan 7 12:57:16 2017
@@ -51,6 +51,10 @@ Changes with Apache 2.2.32
*) mod_proxy: Correctly consider error response codes by the backend when
processing failonstatus. PR 59869 [Ruediger Pluem]
+ *) mod_proxy: Play/restore the TLS-SNI on new backend connections which
+ had to be issued because the remote closed the previous/reusable one
+ during idle (keep-alive) time. [Yann Ylavic]
+
*) mod_ssl: Fix a possible memory leak on restart for custom [EC]DH params.
[Jan Kaluza, Yann Ylavic]
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h?rev=1777778&r1=1777777&r2=1777778&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h Sat Jan 7 12:57:16 2017
@@ -294,6 +294,11 @@ PROXY_WORKER_DISABLED | PROXY_WORKER_STO
#define PROXY_WORKER_DEFAULT_RETRY 60
#define PROXY_WORKER_MAX_ROUTE_SIZ 63
+/* RFC-1035 mentions limits of 255 for host-names and 253 for domain-names,
+ * dotted together(?) this would fit the below size (+ trailing NUL).
+ */
+#define PROXY_WORKER_RFC1035_NAME_SIZE 512
+
/* Scoreboard */
#if MODULE_MAGIC_NUMBER_MAJOR > 20020903
#define PROXY_HAS_SCOREBOARD 1
Modified: httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c?rev=1777778&r1=1777777&r2=1777778&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c Sat Jan 7 12:57:16 2017
@@ -2522,10 +2522,27 @@ PROXY_DECLARE(int) ap_proxy_connect_back
if (conn->sock) {
if (!(connected = is_socket_connected(conn->sock))) {
+ /* This clears conn->scpool (and associated data), so backup and
+ * restore any ssl_hostname for this connection set earlier by
+ * ap_proxy_determine_connection().
+ */
+ char ssl_hostname[PROXY_WORKER_RFC1035_NAME_SIZE];
+ if (!conn->ssl_hostname ||
+ conn->ssl_hostname[apr_cpystrn(ssl_hostname,
+ conn->ssl_hostname,
+ sizeof ssl_hostname) -
+ ssl_hostname]) {
+ ssl_hostname[0] = '\0';
+ }
+
socket_cleanup(conn);
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
"proxy: %s: backend socket is disconnected.",
proxy_function);
+
+ if (ssl_hostname[0]) {
+ conn->ssl_hostname = apr_pstrdup(conn->scpool, ssl_hostname);
+ }
}
}
while (backend_addr && !connected) {