You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2009/04/25 12:04:21 UTC

svn commit: r768507 - in /httpd/httpd/branches/2.2.x: ./ CHANGES STATUS docs/ docs/conf/mime.types modules/proxy/mod_proxy_ajp.c support/ab.c support/suexec.c

Author: rpluem
Date: Sat Apr 25 10:04:21 2009
New Revision: 768507

URL: http://svn.apache.org/viewvc?rev=768507&view=rev
Log:
Merge r764239 from trunk:

* Check more strictly that the backend follows the AJP protocol.

Submitted by: mturk
Reviewed by: rpluem, jim, jfclere

Modified:
    httpd/httpd/branches/2.2.x/   (props changed)
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/docs/   (props changed)
    httpd/httpd/branches/2.2.x/docs/conf/mime.types   (props changed)
    httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c
    httpd/httpd/branches/2.2.x/support/ab.c   (props changed)
    httpd/httpd/branches/2.2.x/support/suexec.c   (props changed)

Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Apr 25 10:04:21 2009
@@ -1 +1 @@
-/httpd/httpd/trunk:451572,611483,639005,639010,647395,657354,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394
+/httpd/httpd/trunk:451572,611483,639005,639010,647395,657354,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=768507&r1=768506&r2=768507&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sat Apr 25 10:04:21 2009
@@ -5,6 +5,9 @@
      mod_proxy_ajp: Avoid delivering content from a previous request which
      failed to send a request body. PR 46949 [Ruediger Pluem]
 
+  *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
+     protocol. [Mladen Turk]
+
   *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
      to enable stricter checking of remote server certificates.
      [Ruediger Pluem]

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=768507&r1=768506&r2=768507&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Apr 25 10:04:21 2009
@@ -87,12 +87,6 @@
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
- * mod_proxy_ajp: Check more strictly that the backend follows the AJP protocol.
-   Trunk version of patch:
-      http://svn.apache.org/viewvc?rev=764239&view=rev
-   Backport version for 2.2.x of patch:
-     Trunk version of patch works
-  +1: rpluem, jim, jfclere
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

Propchange: httpd/httpd/branches/2.2.x/docs/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Apr 25 10:04:21 2009
@@ -1 +1 @@
-/httpd/httpd/trunk/docs:451572,611483,639005,639010,647395,657354,657459,660461,660566,664330,675610,678761,681190,682369,683626,684351,685112,686549,686805,686809,687099,687754,692325,693120,693392,693727-693728,696006,697093,703441,703997,706318,707163,708902,711421,719357,720250,726109,728015,728020,728220,729316-729317,729586,732414,732421,732451,732504,732832,733127,733134,733218-733219,733465,733467,733695,734703,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394
+/httpd/httpd/trunk/docs:451572,611483,639005,639010,647395,657354,657459,660461,660566,664330,675610,678761,681190,682369,683626,684351,685112,686549,686805,686809,687099,687754,692325,693120,693392,693727-693728,696006,697093,703441,703997,706318,707163,708902,711421,719357,720250,726109,728015,728020,728220,729316-729317,729586,732414,732421,732451,732504,732832,733127,733134,733218-733219,733465,733467,733695,734703,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239

Propchange: httpd/httpd/branches/2.2.x/docs/conf/mime.types
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Apr 25 10:04:21 2009
@@ -1 +1 @@
-/httpd/httpd/trunk/docs/conf/mime.types:83749-721972,726109,728015,728020,728220,729316-729317,729586,732414,732421,732451,732504,732832,733127,733134,733218-733219,733465,733467,733695,734703,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394
+/httpd/httpd/trunk/docs/conf/mime.types:83749-721972,726109,728015,728020,728220,729316-729317,729586,732414,732421,732451,732504,732832,733127,733134,733218-733219,733465,733467,733695,734703,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239

Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?rev=768507&r1=768506&r2=768507&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c Sat Apr 25 10:04:21 2009
@@ -180,6 +180,7 @@
     int backend_failed = 0;
     apr_off_t bb_len;
     int data_sent = 0;
+    int request_ended = 0;
     int headers_sent = 0;
     int rv = 0;
     apr_int32_t conn_poll_fd;
@@ -415,6 +416,15 @@
                 }
                 break;
             case CMD_AJP13_SEND_HEADERS:
+                if (headers_sent) {
+                    /* Do not send anything to the client.
+                     * Backend already send us the headers.
+                     */
+                    backend_failed = 1;
+                    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+                                 "proxy: Backend sent headers twice.");
+                    break;
+                }
                 /* AJP13_SEND_HEADERS: process them */
                 status = ajp_parse_header(r, conf, conn->data);
                 if (status != APR_SUCCESS) {
@@ -480,6 +490,7 @@
                 }
                 /* XXX: what about flush here? See mod_jk */
                 data_sent = 1;
+                request_ended = 1;
                 break;
             default:
                 backend_failed = 1;
@@ -536,6 +547,17 @@
             rv = DONE;
         }
     }
+    else if (!request_ended) {
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+                     "proxy: Processing of request didn't terminate cleanly");
+        /* We had a failure: Close connection to backend */
+        conn->close++;
+        backend_failed = 1;
+        /* Return DONE to avoid error messages being added to the stream */
+        if (data_sent) {
+            rv = DONE;
+        }
+    }
     else {
         ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
                      "proxy: got response from %pI (%s)",

Propchange: httpd/httpd/branches/2.2.x/support/ab.c
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Apr 25 10:04:21 2009
@@ -1 +1 @@
-/httpd/httpd/trunk/support/ab.c:83751-655654,657354,657433,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394
+/httpd/httpd/trunk/support/ab.c:83751-655654,657354,657433,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239

Propchange: httpd/httpd/branches/2.2.x/support/suexec.c
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Apr 25 10:04:21 2009
@@ -1 +1 @@
-/httpd/httpd/trunk/support/suexec.c:451572,611483,639005,639010,647395,655711,657354,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394
+/httpd/httpd/trunk/support/suexec.c:451572,611483,639005,639010,647395,655711,657354,657459,660461,660566,664330,678761,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,719357,720250,729316-729317,729586,732414,732504,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239