You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2016/07/20 18:32:14 UTC

svn commit: r1753594 - in /httpd/httpd/trunk: CHANGES modules/proxy/mod_proxy_balancer.c

Author: rpluem
Date: Wed Jul 20 18:32:14 2016
New Revision: 1753594

URL: http://svn.apache.org/viewvc?rev=1753594&view=rev
Log:
* Prevent redirect loops between workers within a balancer by limiting the
  number of redirects to the number balancer members.

PR: 59864

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1753594&r1=1753593&r2=1753594&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jul 20 18:32:14 2016
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_proxy_balancer: Prevent redirect loops between workers within a
+     balancer by limiting the number of redirects to the number balancer
+     members. PR 59864 [Ruediger Pluem]
+
   *) mod_proxy: Correctly consider error response codes by the backend when
      processing failonstatus. PR 59869 [Ruediger Pluem]
 

Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?rev=1753594&r1=1753593&r2=1753594&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c Wed Jul 20 18:32:14 2016
@@ -212,7 +212,8 @@ static char *get_cookie_param(request_re
 /* Find the worker that has the 'route' defined
  */
 static proxy_worker *find_route_worker(proxy_balancer *balancer,
-                                       const char *route, request_rec *r)
+                                       const char *route, request_rec *r,
+                                       int recursion)
 {
     int i;
     int checking_standby;
@@ -249,10 +250,15 @@ static proxy_worker *find_route_worker(p
                          * This enables to safely remove the member from the
                          * balancer. Of course you will need some kind of
                          * session replication between those two remote.
+                         * Also check that we haven't gone thru all the
+                         * balancer members by means of redirects.
+                         * This should avoid redirect cycles.
                          */
-                        if (*worker->s->redirect) {
+                        if ((*worker->s->redirect)
+                            && (recursion < balancer->workers->nelts)) {
                             proxy_worker *rworker = NULL;
-                            rworker = find_route_worker(balancer, worker->s->redirect, r);
+                            rworker = find_route_worker(balancer, worker->s->redirect,
+                                                        r, recursion + 1);
                             /* Check if the redirect worker is usable */
                             if (rworker && !PROXY_WORKER_IS_USABLE(rworker)) {
                                 /*
@@ -315,7 +321,7 @@ static proxy_worker *find_session_route(
         /* We have a route in path or in cookie
          * Find the worker that has this route defined.
          */
-        worker = find_route_worker(balancer, *route, r);
+        worker = find_route_worker(balancer, *route, r, 1);
         if (worker && strcmp(*route, worker->s->route)) {
             /*
              * Notice that the route of the worker chosen is different from