You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2016/07/20 18:32:14 UTC
svn commit: r1753594 - in /httpd/httpd/trunk: CHANGES
modules/proxy/mod_proxy_balancer.c
Author: rpluem
Date: Wed Jul 20 18:32:14 2016
New Revision: 1753594
URL: http://svn.apache.org/viewvc?rev=1753594&view=rev
Log:
* Prevent redirect loops between workers within a balancer by limiting the
number of redirects to the number balancer members.
PR: 59864
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1753594&r1=1753593&r2=1753594&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jul 20 18:32:14 2016
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_proxy_balancer: Prevent redirect loops between workers within a
+ balancer by limiting the number of redirects to the number balancer
+ members. PR 59864 [Ruediger Pluem]
+
*) mod_proxy: Correctly consider error response codes by the backend when
processing failonstatus. PR 59869 [Ruediger Pluem]
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?rev=1753594&r1=1753593&r2=1753594&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c Wed Jul 20 18:32:14 2016
@@ -212,7 +212,8 @@ static char *get_cookie_param(request_re
/* Find the worker that has the 'route' defined
*/
static proxy_worker *find_route_worker(proxy_balancer *balancer,
- const char *route, request_rec *r)
+ const char *route, request_rec *r,
+ int recursion)
{
int i;
int checking_standby;
@@ -249,10 +250,15 @@ static proxy_worker *find_route_worker(p
* This enables to safely remove the member from the
* balancer. Of course you will need some kind of
* session replication between those two remote.
+ * Also check that we haven't gone thru all the
+ * balancer members by means of redirects.
+ * This should avoid redirect cycles.
*/
- if (*worker->s->redirect) {
+ if ((*worker->s->redirect)
+ && (recursion < balancer->workers->nelts)) {
proxy_worker *rworker = NULL;
- rworker = find_route_worker(balancer, worker->s->redirect, r);
+ rworker = find_route_worker(balancer, worker->s->redirect,
+ r, recursion + 1);
/* Check if the redirect worker is usable */
if (rworker && !PROXY_WORKER_IS_USABLE(rworker)) {
/*
@@ -315,7 +321,7 @@ static proxy_worker *find_session_route(
/* We have a route in path or in cookie
* Find the worker that has this route defined.
*/
- worker = find_route_worker(balancer, *route, r);
+ worker = find_route_worker(balancer, *route, r, 1);
if (worker && strcmp(*route, worker->s->route)) {
/*
* Notice that the route of the worker chosen is different from